Vulnerability Details CVE-2022-48164
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.831
EPSS Ranking 99.2%
CVSS Severity
CVSS v3 Score 7.5
References
- https://docs.google.com/document/d/1JgqpBYRxyU0WKDSqkvi4Yo0723k7mrIUeuH9i1eEs8U/edit?usp=sharing
- https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK_WN533A8.md
- https://docs.google.com/document/d/1JgqpBYRxyU0WKDSqkvi4Yo0723k7mrIUeuH9i1eEs8U/edit?usp=sharing
- https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK_WN533A8.md
Products affected by CVE-2022-48164
-
cpe:2.3:h:wavlink:wl-wn533a8:-
-
cpe:2.3:o:wavlink:wl-wn533a8_firmware:m33a8.v5030.190716