A critical authentication vulnerability in the TP-Link Archer C64 v1 allows attackers to brute-force SSH credentials and gain full administrative control.

The debug SSH service fails to enforce rate-limiting on authentication attempts. Furthermore, it shares credentials with the web interface, allowing an attacker with adjacent network access to brute-force the password and gain administrative privileges.

With a CVSS score of 8.8, this vulnerability poses a severe risk to network security. An attacker who gains administrative access to a gateway device can intercept traffic, modify DNS settings, or establish a permanent backdoor into the internal network, leading to complete compromise of the connected environment.

Immediate Action: Update the Archer C64 firmware to version 1.15.0 Build 250729 Rel.63489n(4555) or later to enforce proper rate-limiting.

Proactive Monitoring: Monitor for unusual SSH activity and failed login attempts originating from the local network, which may indicate brute-force activity.

Compensating Controls: Disable SSH access on the device if it is not strictly required for administrative operations, and utilize strong, unique passwords for the web interface.

Public Exploit Available: True

The ease of exploitation via simple scripts makes this a critical threat. Users must apply the specified firmware update immediately to secure the SSH service and protect the device from unauthorized administrative access.