Vulnerability Details CVE-2020-12127
An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.303
EPSS Ranking 96.4%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2020-12127
-
cpe:2.3:h:wavlink:wn530h4:-
-
cpe:2.3:o:wavlink:wn530h4_firmware:m30h4.v5030.190403