CVE-2020-10973

An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configuration of the device, including the administrator password. No authentication is required. The attacker must perform a decryption step, but all decryption information is readily available.
Configurations

Configuration 1


Information

Published : 2020-05-07 06:15

Updated : 2022-04-28 07:30


NVD link : CVE-2020-10973

Mitre link : CVE-2020-10973

Products Affected
CWE