CVE-2020-10973 PoC — WAVLINK WL-WN530HG4 访问控制错误漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-10973.yaml

Associated Vulnerability

Title:WAVLINK WL-WN530HG4 访问控制错误漏洞 (CVE-2020-10973)
Description:Wavlink WL-WN530HG4是中国睿因科技（Wavlink）公司的一款无线网络信号扩展器。 WAVLINK WL-WN530HG4 M30HG4.V5030.191116版本中的/cgi-bin/ExportALLSettings.sh文件存在安全漏洞。攻击者可借助特制的POST请求利用该漏洞获取设备当前的配置信息，包括：管理员密码。

Description

Wavlink WN530HG4, WN531G3, WN533A8, and WN551K are susceptible to improper access control via /cgi-bin/ExportAllSettings.sh, where a crafted POST request returns the current configuration of the device, including the administrator password. No authentication is required. The attacker must perform a decryption step, but all decryption information is readily available.

File Snapshot


 id: CVE-2020-10973

info:
  name: WAVLINK - Access Control
  author: arafatansari
  severity: high
 

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!