CVE-2020-10974

An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, Wavlink WN572HG3, Wavlink WN575A4, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000
Configurations

Configuration 1


Information

Published : 2020-05-07 06:15

Updated : 2022-04-28 07:30


NVD link : CVE-2020-10974

Mitre link : CVE-2020-10974

Products Affected
CWE