An issue exists affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, Wavlink WN572HG3, Wavlink WN575A4, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wavlink wl-wn575a3_firmware rpt75a3.v4300.180801 |
||
wavlink wl-wn579g3_firmware m79x3.v5030.180719 |
||
wavlink wn531a6_firmware - |
||
wavlink wn535g3_firmware - |
||
wavlink wn530h4_firmware - |
||
wavlink wn57x93_firmware - |
||
wavlink wn572hg3_firmware - |
||
wavlink wn575a4_firmware - |
||
wavlink wn578a2_firmware - |
||
wavlink wn579g3_firmware - |
||
wavlink wn579x3_firmware - |
||
wavlink jetstream_ac3000_firmware - |
||
wavlink jetstream_erac3000_firmware - |