What is CVE-2022-34046?

CVE-2022-34046 is a vulnerability in N/a. Published 2022-07-20.

Is CVE-2022-34046 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-34046

An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].

EPSS: 0.575 (98.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

20142995/nuclei-templates
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates

References

drive.google.com/file/d/18ECQEqZ296LDzZ0wErgqnNfen1jCn0mG/view (x_refsource_MISC)
packetstormsecurity.com/files/167890/Wavlink-WN533A8-Password-Disclosure.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-34046?: CVE-2022-34046 is a vulnerability in N/a. Published 2022-07-20.
Is CVE-2022-34046 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.