Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-34575: CVE_Request/WiFi-Repeater_fctest.md at main · pghuanghui/CVE_Request

An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the key information of the device via accessing fctest.shtml.

CVE
Open in Source
#vulnerability#auth#wifi

Permalink

Cannot retrieve contributors at this time

0x01 Vulnerability description

A vulnerability is in the ‘fctest.shtml’ page of the Wavlink-WiFi-Repeater,Firmware package version RPTA2-77W.M4300.01.GD.2017Sep19,Information about the repeater can be obtained by accessing the constructed URL.

Unauthorized users can obtain the key information of the router by visiting:

http://xxx.xxx.xxx.xxx/fctest.shtml

0x02 Affected version****0x03 Vulnerability

When the router is running, all the operations of the user are stored in the syslog.shtml page, and the identity verification process is not performed

0x04 PoC verification

0x05 Acknowledgement

Penwei.Huang

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE