Lucene search
HistoryJul 20, 2022 - 5:15 p.m.
CVE-2022-34046
cve-2022-34046
access control
wavlink wn533a8
security vulnerability
username
password
nvd
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.143 Low
EPSS
Percentile
95.8%
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].
Affected configurations
Node
wavlinkwn533a8_firmwareMatchm33a8.v5030.190716
wavlinkwn533a8Match-
| CPE | Name | Operator | Version |
|---|---|---|---|
| wavlink:wn533a8_firmware | wavlink wn533a8 firmware | eq | m33a8.v5030.190716 |
References
Social References
More
Related
nvd
nvd
CVE-2022-34046
2022-07-20 17:15:08
nuclei
nuclei
WAVLINK WN533A8 - Improper Access Control
2022-07-20 19:52:19
prion
prion
Design/Logic Flaw
2022-07-20 17:15:00
cvelist
cvelist
CVE-2022-34046
2022-07-20 16:50:17
packetstorm
packetstorm
Wavlink WN533A8 Password Disclosure
2022-08-01 00:00:00
zdt
zdt
Wavlink WN533A8 - Password Disclosure Vulnerability
2022-08-01 00:00:00
exploitdb
exploitdb
Wavlink WN533A8 - Password Disclosure
2022-08-01 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.143 Low
EPSS
Percentile
95.8%
Related for CVE-2022-34046