Wn575a4_firmware - Vulncode-DB

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	2

Date	Id	Summary	Products	Score	Patch	Annotated
2020-05-07	CVE-2020-10974	An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, Wavlink WN572HG3, Wavlink WN575A4, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000	Jetstream_ac3000_firmware, Jetstream_erac3000_firmware, Wl\-Wn575a3_firmware, Wl\-Wn579g3_firmware, Wn530h4_firmware, Wn531a6_firmware, Wn535g3_firmware, Wn572hg3_firmware, Wn575a4_firmware, Wn578a2_firmware, Wn579g3_firmware, Wn579x3_firmware, Wn57x93_firmware	7.5
2021-02-09	CVE-2020-13117	Wavlink WN575A4 and WN579X3 devices through 2020-05-15 allow unauthenticated remote users to inject commands via the key parameter in a login request.	Wn575a4_firmware, Wn579x3_firmware	9.8