An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configuration of the device, including the administrator password. No authentication is required. The attacker must perform a decryption step, but all decryption information is readily available.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NWavlink Wn530hg4
HWWavlinkwszystkie wersjeWavlink Wn530hg4 Firmware
OSWavlinkm30hg4.v5030.191116Wavlink Wn531g3
HWWavlinkwszystkie wersjeWavlink Wn531g3 Firmware
OSWavlinkwszystkie wersjeWavlink Wn533a8
HWWavlinkwszystkie wersjeWavlink Wn533a8 Firmware
OSWavlinkwszystkie wersjeWavlink Wn551k1
HWWavlinkwszystkie wersjeWavlink Wn551k1 Firmware
OSWavlinkwszystkie wersje
Powiązane podatności
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManage...
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, and this is...
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and U...
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_mac, which...
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp...