High
CVE-2022-43635 CVSS:6.5
The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the incorrect implementation of the authentication algorithm. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise.
CVE-2022-43636 CVSS:7.5
The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of sufficient randomness in the sequnce numbers used for session managment. An attacker can leverage this vulnerability to bypass authentication on the system.
TP-Link
Please refer to the TP-Link Support to find the hardware version on a TP-Link device