Vulnerabilities > CVE-2022-34046 - Incorrect Authorization vulnerability in Wavlink Wn533A8 Firmware M33A8.V5030.190716
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
Hardware | 1 |
Common Weakness Enumeration (CWE)
References
- http://packetstormsecurity.com/files/167890/Wavlink-WN533A8-Password-Disclosure.html
- http://packetstormsecurity.com/files/167890/Wavlink-WN533A8-Password-Disclosure.html
- https://drive.google.com/file/d/18ECQEqZ296LDzZ0wErgqnNfen1jCn0mG/view?usp=sharing
- https://drive.google.com/file/d/18ECQEqZ296LDzZ0wErgqnNfen1jCn0mG/view?usp=sharing