CVE-2022-48165
Summary:
WAVLINK Aerial G - AC1200 High Power Dual Band Wireless Router (WL-WN530H4) devices running firmware version (M30H4.V5030.210121) have an access control issue, allowing unauthenticated attackers to download configuration data and log files and obtain admin credentials.
Vendor:
Wavlink
Affected Product:
WL-WN530H4
Version:
M30H4.V5030.210121
Details:
When an unauthenticated attacker requests /cgi-bin/ExportLogs.sh this will lead to downloading all configurations and Admin Credentials and accessing the Device Dashboard.
Check Application Device Version:
request the vulnerable component.
Accessing Admin Dashboard:
Last updated