Vulnerabilities > CVE-2022-48165 - Unspecified vulnerability in Wavlink Wl-Wn530H4 Firmware M30H4.V5030.210121

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

wavlink

NVD

Published: 2023-02-03

Updated: 2023-02-13

Summary

An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.

Vulnerable Configurations

Part	Description	Count
OS	Wavlink Wavlink WL Wn530H4 Firmware M30H4.V5030.210121	1
Hardware	Wavlink Wavlink WL Wn530H4 -	1

References

https://docs.google.com/document/d/1HD4GKumkZpa6FNHuf0QQSKFvoYhCfwXpbyWiJdx1VtE/edit?usp=sharing
https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK_WL-WN530H4.md