Auth bypass in Wavlink Wn530hg4
CVE-2020-10972
An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page (a certain live_?.shtml page with the variabl…
Vulnerability class: Broken Authentication
EPSS: 0.017 (74.7th percentile)
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Wavlink Wn530hg4
- Wavlink Wn530hg4_firmware — versions m30hg4.v5030.191116
- Wavlink Wn531g3
- Wavlink Wn531g3_firmware
- Wavlink Wn572hg3
- Wavlink Wn572hg3_firmware
Frequently asked questions
- What is CVE-2020-10972?
  CVE-2020-10972 is a high-severity vulnerability in Wavlink Wn530hg4, classified under Missing Authentication for Critical Function. CVSS score: 7.5/10. Published 2020-05-07.
- How severe is CVE-2020-10972?
  High severity. CVSS v3 base score is 7.5 out of 10.
- Is CVE-2020-10972 known to be exploited?
  2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.