3 matches found
CVE-2022-35572
On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, and potentially other vendors/devices due to code reuse, the /SysInfo.htm URI does not require a session ID. This web page calls a showsysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses, serial numbers, WPS...
CVE-2022-35572
creationtimestamp| type| source ---|---|--- 2022-09-13 02:24:41+00:00| seen| https://t.me/cibsecurity/49622...
CVE-2022-35572
CVE-2022-35572 affects Linksys E5350 routers (firmware 1.0.00.037 and earlier). The /SysInfo.htm page does not require a session ID and calls show_sysinfo, exposing WPA passwords, SSIDs, MAC addresses, serial numbers, WPS pins, and hardware/firmware versions when remote management is enabled. Imp...