Vulnerabilities > CVE-2022-34047 - Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wl-Wn530Hg4 Firmware M30Hg4.V5030.191116
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd].
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
Hardware | 1 |
Common Weakness Enumeration (CWE)
References
- http://packetstormsecurity.com/files/167891/Wavlink-WN530HG4-Password-Disclosure.html
- http://packetstormsecurity.com/files/167891/Wavlink-WN530HG4-Password-Disclosure.html
- https://drive.google.com/file/d/1sTQdUc12aZvJRFeb5wp8AfPdUEkkU9Sy/view?usp=sharing
- https://drive.google.com/file/d/1sTQdUc12aZvJRFeb5wp8AfPdUEkkU9Sy/view?usp=sharing