← volver
CVE-2020-10974

CVE-2020-10974

EPSS 1.7%
An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, Wavlink WN572HG3, Wavlink WN575A4, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/Roni-Carta/nyrahttps://github.com/sudo-jtcsec/CVE/blob/master/CVE-2020-10974https://github.com/sudo-jtcsec/CVE/blob/master/CVE-2020-10974-affected_deviceshttps://github.com/sudo-jtcsec/Nyra