8 matches found
CVE-2020-10972
An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page a certain live?.shtml page with the variable syspasswd. Affected Devices: Wavlink WN530HG4, Wavlink...
WAVLINK WN531G3 安全漏洞
The WAVLINK WN531G3 is a wireless router from China's RuiYin Technology WAVLINK. The WAVLINK WN531G3 M31G3.V5030.201204 version and M31G3.V5030.200325 version contain an access control error vulnerability that can be exploited by an attacker to download configuration data and log files...
WAVLINK WN531G3 跨站请求伪造漏洞
The WAVLINK WN531G3 is a wireless router from China-based RuiYin Technology WAVLINK. A security vulnerability exists in WAVLINK WN531G3 firmware version M31G3.V5030.200325 and prior versions, which stems from the non-use of anti-CSRF tokens, and when used in conjunction with other issues such as...
CVE-2020-10972
An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page a certain live?.shtml page with the variable syspasswd. Affected Devices: Wavlink WN530HG4, Wavlink...
CVE-2020-10972
An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page a certain live?.shtml page with the variable syspasswd. Affected Devices: Wavlink WN530HG4, Wavlink...
Authentication flaw
An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page a certain live?.shtml page with the variable syspasswd. Affected Devices: Wavlink WN530HG4, Wavlink...
CVE-2020-10972
An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page a certain live?.shtml page with the variable syspasswd. Affected Devices: Wavlink WN530HG4, Wavlink...
CVE-2020-10972
CVE-2020-10972 describes an information-disclosure flaw where an unauthenticated page exposes the current administrator password in cleartext within the page source (live_?.shtml with the variable syspasswd). Affected devices include Wavlink WN530HG4, WN531G3, and WN572HG3. Public sources in the ...