Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-12127 PoC — WAVLINK 信息泄露漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-12127.yaml
Associated Vulnerability
Title:WAVLINK 信息泄露漏洞 (CVE-2020-12127)
Description:WAVLINK wavlink是中国睿因科技(WAVLINK)公司的一款路由器。连接两个或多个网络的硬件设备,在网络间起网关的作用。 WAVLINK存在信息泄露漏洞。该漏洞源于网络系统或产品在运行过程中存在配置等错误。未授权的攻击者可利用漏洞获取受影响组件敏感信息。以下产品及版本受到影响:WN530H4 M30H4.V5030.190403版本。
Description
WAVLINK WN530H4 M30H4.V5030.190403 contains an information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint. This can allow an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication.
File Snapshot

 id: CVE-2020-12127

info:
  name: WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure
  auth

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.