HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2020-10972

CVSS 7.5v3.1pub. 2020-05-07upd. 2024-11-21

An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page (a certain live_?.shtml page with the variable syspasswd). Affected Devices: Wavlink WN530HG4, Wavlink WN531G3, and Wavlink WN572HG3

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Wavlink Wn530hg4

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wn530hg4 Firmware

    OS
    Wavlink
    m30hg4.v5030.191116
  • Wavlink Wn531g3

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wn531g3 Firmware

    OS
    Wavlink
    wszystkie wersje
  • Wavlink Wn572hg3

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wn572hg3 Firmware

    OS
    Wavlink
    wszystkie wersje
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-10429HIGH8.6ten sam produkt

A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028...

CVE-2024-10428HIGH8.6ten sam produkt

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been rated as criti...

CVE-2024-10194HIGH8.7ten sam produkt

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as ...

CVE-2022-40623HIGH8.8ten sam produkt

The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF token...

CVE-2022-40621HIGH7.5ten sam produkt

Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier communicates...

CVE-2020-10972 β€” Wavlink β€” Wn530Hg4 β€” HIGH β€” CVSS 7.5 | CVEbaza.pl