CVE-2022-48165

Summary:

WAVLINK Aerial G - AC1200 High Power Dual Band Wireless Router (WL-WN530H4) devices running firmware version (M30H4.V5030.210121) have an access control issue, allowing unauthenticated attackers to download configuration data and log files and obtain admin credentials.

Vendor:

Wavlink

Affected Product:

WL-WN530H4

Version:

M30H4.V5030.210121

Details:

When an unauthenticated attacker requests /cgi-bin/ExportLogs.sh this will lead to downloading all configurations and Admin Credentials and accessing the Device Dashboard.

Check Application Device Version:

request the vulnerable component.

Accessing Admin Dashboard:

PreviousCVE-2022-48164 NextCVE-2022-48166

Last updated 1 year ago

Was this helpful?