Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wn575a4_firmware
(Wavlink)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 2 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-05-07 | CVE-2020-10974 | An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, Wavlink WN572HG3, Wavlink WN575A4, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000 | Jetstream_ac3000_firmware, Jetstream_erac3000_firmware, Wl\-Wn575a3_firmware, Wl\-Wn579g3_firmware, Wn530h4_firmware, Wn531a6_firmware, Wn535g3_firmware, Wn572hg3_firmware, Wn575a4_firmware, Wn578a2_firmware, Wn579g3_firmware, Wn579x3_firmware, Wn57x93_firmware | 7.5 | ||
2021-02-09 | CVE-2020-13117 | Wavlink WN575A4 and WN579X3 devices through 2020-05-15 allow unauthenticated remote users to inject commands via the key parameter in a login request. | Wn575a4_firmware, Wn579x3_firmware | 9.8 |