Vulnerability Details CVE-2022-48165
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.792
EPSS Ranking 99.0%
CVSS Severity
CVSS v3 Score 7.5
References
- https://docs.google.com/document/d/1HD4GKumkZpa6FNHuf0QQSKFvoYhCfwXpbyWiJdx1VtE/edit?usp=sharing
- https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK_WL-WN530H4.md
- https://docs.google.com/document/d/1HD4GKumkZpa6FNHuf0QQSKFvoYhCfwXpbyWiJdx1VtE/edit?usp=sharing
- https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK_WL-WN530H4.md
Products affected by CVE-2022-48165
-
cpe:2.3:h:wavlink:wl-wn530h4:-
-
cpe:2.3:o:wavlink:wl-wn530h4_firmware:m30h4.v5030.210121