HIGH🇵🇱 Wersja polska

CVE-2020-10974

CVSS 7.5v3.1pub. 2020-05-07upd. 2024-11-21

An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, Wavlink WN572HG3, Wavlink WN575A4, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Wavlink Jetstream Ac3000

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Jetstream Ac3000 Firmware

    OS
    Wavlink
    wszystkie wersje
  • Wavlink Jetstream Erac3000

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Jetstream Erac3000 Firmware

    OS
    Wavlink
    wszystkie wersje
  • Wavlink Wl Wn575a3

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wl Wn575a3 Firmware

    OS
    Wavlink
    rpt75a3.v4300.180801
  • Wavlink Wl Wn579g3

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wl Wn579g3 Firmware

    OS
    Wavlink
    m79x3.v5030.180719
  • Wavlink Wn530h4

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wn530h4 Firmware

    OS
    Wavlink
    wszystkie wersje
  • Wavlink Wn531a6

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wn531a6 Firmware

    OS
    Wavlink
    wszystkie wersje
  • Wavlink Wn535g3

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wn535g3 Firmware

    OS
    Wavlink
    wszystkie wersje
  • Wavlink Wn572hg3

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wn572hg3 Firmware

    OS
    Wavlink
    wszystkie wersje
  • Wavlink Wn575a4

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wn575a4 Firmware

    OS
    Wavlink
    wszystkie wersje
  • Wavlink Wn578a2

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wn578a2 Firmware

    OS
    Wavlink
    wszystkie wersje
  • Wavlink Wn579g3

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wn579g3 Firmware

    OS
    Wavlink
    wszystkie wersje
  • Wavlink Wn579x3

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wn579x3 Firmware

    OS
    Wavlink
    wszystkie wersje
  • Wavlink Wn57x93

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wn57x93 Firmware

    OS
    Wavlink
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-38861CRITICAL9.8ten sam produkt

An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via us...

CVE-2022-37149CRITICAL9.8ten sam produkt

WAVLINK WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection vulnerability when opera...

CVE-2022-35519CRITICAL9.8ten sam produkt

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_mac, which...

CVE-2022-35518CRITICAL9.8ten sam produkt

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and U...

CVE-2022-35520CRITICAL9.8ten sam produkt

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, and this is...