Lucene search

[email protected]CVE-2022-34572

HistoryJul 25, 2022 - 10:15 p.m.

CVE-2022-34572

2022-07-2522:15:08

CWE-425

[email protected]

web.nvd.nist.gov

cve-2022-34572

wavlink

wifi-repeater

access control

telnet

security issue

vulnerability

5.7 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the telnet password via accessing the page tftp.txt.

Affected configurations

NVD

Node

wavlinkwifi-repeater_firmwareMatchrpta2-77w.m4300.01.gd.2017sep19

CPENameOperatorVersion
wavlink:wifi-repeater_firmwarewavlink wifi-repeater firmwareeqrpta2-77w.m4300.01.gd.2017sep19

CPE	Name	Operator	Version
wavlink:wifi-repeater_firmware	wavlink wifi-repeater firmware	eq	rpta2-77w.m4300.01.gd.2017sep19

References

github.com/pghuanghui/CVE_Request/blob/main/WiFi-Repeater/WiFi-Repeater_syslog.shtml.assets/WiFi-Repeater_tftp.md

www.wavlink.com/en_us/category/REPEATER.html

Social References

5.7 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2022-34572

nvd1 prion1 cvelist1