CVE-2020-10974

An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink WN535G3,...

PT-2022-22886 · Wavlink · Wavlink Wn530H4 +4

Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue concerns a lack of filtering on the del mac and flag parameters in the firewall.cgi, leading to command injection in the /cli black...