CVE-2022-4498

Published: Jan 11, 2023

Modified: Nov 4, 2025

PUBLISHED

Description

In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution.

Vendor	Product	Versions
TP-Link	WR710N	affected `V1-151022`
TP-Link	Archer C5	affected `V2_160221_US`

References

https://kb.cert.org/vuls/id/572615

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-4498

Description

Affected Products

References