Vulnerability Description
An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, Wavlink WN572HG3, Wavlink WN575A4, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wavlink | Wl-Wn575A3 Firmware | rpt75a3.v4300.180801 |
| Wavlink | Wl-Wn575A3 | - |
| Wavlink | Wl-Wn579G3 Firmware | m79x3.v5030.180719 |
| Wavlink | Wl-Wn579G3 | - |
| Wavlink | Wn531A6 Firmware | - |
| Wavlink | Wn531A6 | - |
| Wavlink | Wn535G3 Firmware | - |
| Wavlink | Wn535G3 | - |
| Wavlink | Wn530H4 Firmware | - |
| Wavlink | Wn530H4 | - |
| Wavlink | Wn57X93 Firmware | - |
| Wavlink | Wn57X93 | - |
| Wavlink | Wn572Hg3 Firmware | - |
| Wavlink | Wn572Hg3 | - |
| Wavlink | Wn575A4 Firmware | - |
| Wavlink | Wn575A4 | - |
| Wavlink | Wn578A2 Firmware | - |
| Wavlink | Wn578A2 | - |
| Wavlink | Wn579G3 Firmware | - |
| Wavlink | Wn579G3 | - |
Related Weaknesses (CWE)
References
- https://github.com/Roni-Carta/nyra (Not Applicable, Third Party Advisory)
- https://github.com/sudo-jtcsec/CVE/blob/master/CVE-2020-10974 (Third Party Advisory)
- https://github.com/sudo-jtcsec/CVE/blob/master/CVE-2020-10974-affected_devices (Third Party Advisory)
- https://github.com/sudo-jtcsec/Nyra (Broken Link)
FAQ
What is CVE-2020-10974?
CVE-2020-10974 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is...
How severe is CVE-2020-10974?
CVE-2020-10974 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-10974?
Check the references section above for vendor advisories and patch information. Affected products include: Wavlink Wl-Wn575A3 Firmware, Wavlink Wl-Wn575A3, Wavlink Wl-Wn579G3 Firmware, Wavlink Wl-Wn579G3, Wavlink Wn531A6 Firmware.