Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, Wavlink WN572HG3, Wavlink WN575A4, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WAVLINK WL-WN579G3 和 WL-WN575A3 访问控制错误漏洞
Vulnerability Description
Wavlink WAVLINK WL-WN579G3和WL-WN575A3都是中国睿因科技(Wavlink)公司的一款无线网络信号扩展器。 WAVLINK WL-WN579G3 - M79X3.V5030.180719版本和WL-WN575A3 - RPT75A3.V4300.180801版本中的备份功能存在安全漏洞。攻击者可借助特制的POST请求利用该漏洞获取设备明文形式的当前配置,包括:管理员密码。
CVSS Information
N/A
Vulnerability Type
N/A