An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.
References
Link | Resource |
---|---|
https://docs.google.com/document/d/1HD4GKumkZpa6FNHuf0QQSKFvoYhCfwXpbyWiJdx1VtE/edit?usp=sharing | Exploit Third Party Advisory |
https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK_WL-WN530H4.md | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2023-02-03 13:15
Updated : 2023-02-13 07:07
NVD link : CVE-2022-48165
Mitre link : CVE-2022-48165
JSON object : View
CWE
Products Affected
wavlink
- wl-wn530h4_firmware
- wl-wn530h4