CVE-2024-38892

An issue in Wavlink WN551K1 allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component...

CVE-2024-38892

An issue in Wavlink WN551K1 allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component...

CVE-2024-38892

An issue in Wavlink WN551K1 allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component...

CVE-2024-38892

The CVE-2024-38892 relates to the WAVLINK WN551K1 router, where the ExportAllSettings.sh component exposes sensitive information. The Red Hat/CNVD/CNNVD entries and other sources consistently describe an information-disclosure issue arising from ExportAllSettings.sh, enabling remote attackers to ...

WAVLINK WN551K1 安全漏洞

The WAVLINK WN551K1 is a wireless router from China's RuiYin Technology WAVLINK. The WAVLINK WN551K1 suffers from an information disclosure vulnerability that originates in the ExportAllSettings.sh component, which is not sufficiently protected against sensitive information and can be exploited b...

VulnCheck KEV: CVE-2022-31847

A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request...

CVE-2022-34576

A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request...

Hardcoded credentials

Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...

CVE-2022-31847

A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request...

PT-2022-20955 · Wavlink · Wavlink Wn579X3

Name of the Vulnerable Software and Affected Versions: WAVLINK WN579 X3 M79X3.V5030.180719 Description: A vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint allows attackers to obtain sensitive router information via a crafted POST request. Recommendations: For WAVLINK WN579 X3...

WAVLINK WL-WN530HG4 Information Disclosure Vulnerability

WAVLINK WL-WN530HG4 is a wireless network signal extender from China RuiYin Technology WAVLINK. A security vulnerability exists in the /cgi-bin/ExportALLSettings.sh file in WAVLINK WL-WN530HG4 M30HG4.V5030.191116 version. An attacker can exploit this vulnerability with the help of a specially...

CVE-2020-10973

An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configuration of the device, including the administrator password. No authentication is required. The attacke...