Lucene search
K

WAVLINK - Access Control

🗓️ 06 Jul 2026 03:02:03Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 30 Views

WAVLINK Access Control vulnerability allows unauthorized access to sensitive information without authentication leading to potential device control

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2020-10973
11 Dec 202002:16
circl
CNVD
WAVLINK WL-WN530HG4 Information Disclosure Vulnerability
8 May 202000:00
cnvd
CVE
CVE-2020-10973
7 May 202017:50
cve
Cvelist
CVE-2020-10973
7 May 202017:50
cvelist
NVD
CVE-2020-10973
7 May 202018:15
nvd
OSV
CVE-2020-10973
7 May 202018:15
osv
Prion
Authentication flaw
7 May 202018:15
prion
RedhatCVE
CVE-2020-10973
22 May 202516:08
redhatcve
id: CVE-2020-10973

info:
  name: WAVLINK - Access Control
  author: arafatansari
  severity: high
  description: |
    Wavlink WN530HG4, WN531G3, WN533A8, and WN551K are susceptible to improper access control via /cgi-bin/ExportAllSettings.sh, where a crafted POST request returns the current configuration of the device, including the administrator password. No authentication is required. The attacker must perform a decryption step, but all decryption information is readily available.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access to sensitive information or control of the affected device.
  remediation: |
    Apply the latest firmware update provided by the vendor to fix the access control issue.
  reference:
    - https://github.com/sudo-jtcsec/CVE/blob/master/CVE-2020-10973
    - https://github.com/sudo-jtcsec/Nyra
    - https://nvd.nist.gov/vuln/detail/CVE-2020-10973
    - https://github.com/Roni-Carta/nyra
    - https://github.com/sudo-jtcsec/CVE/blob/master/CVE-2020-10973-affected_devices
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2020-10973
    cwe-id: CWE-306
    epss-score: 0.07759
    epss-percentile: 0.93918
    cpe: cpe:2.3:o:wavlink:wn530hg4_firmware:m30hg4.v5030.191116:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: wavlink
    product: wn530hg4_firmware
    shodan-query:
      - http.html:"Wavlink"
      - http.html:"wavlink"
    fofa-query: body="wavlink"
  tags: cve,cve2020,exposure,wavlink,vuln

http:
  - raw:
      - |
        GET /backupsettings.dat HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'Salted__'

      - type: word
        part: header
        words:
          - application/octet-stream

      - type: status
        status:
          - 200
# digest: 4b0a004830460221009eb089582d9b1a4a53cd867f549c237b98c5676d058e75bb8b19df3723526239022100a79d48fd71468c6bc14456867e253a79dc289dceaf4f92f0e4a73efcdbd26e18:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
7.1High risk
Vulners AI Score7.1
CVSS 25
CVSS 3.17.5
EPSS0.07759
30