cve/CVE-2020-10972.md at eda58812c5773678e9432b65209fee245db925e7

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 11:06:19 +00:00

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page (a certain live_?.shtml page with the variable syspasswd). Affected Devices: Wavlink WN530HG4, Wavlink WN531G3, and Wavlink WN572HG3

POC

Reference

No PoCs from references.

Github

https://github.com/bubbadestroy/Jetstream_AC3000
https://github.com/sudo-jtcsec/CVE

824 B Raw Blame History

CVE-2020-10972

Description

POC

Reference

Github

824 B

Raw Blame History