CVE-2020-12126

Name of the Vulnerable Software and Affected Versions WAVLINK WN530H4 M30H4.V5030.190403

Description The issue concerns multiple authentication bypass vulnerabilities. An attacker can exploit the /cgi-bin/ endpoint to leak router settings, change configuration variables, and cause denial of service. This can be achieved via an unauthenticated endpoint, posing a significant risk.

Recommendations For WAVLINK WN530H4 M30H4.V5030.190403, consider restricting access to the /cgi-bin/ endpoint until a patch is available. As a temporary workaround, limit changes to configuration variables and monitor router settings closely to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.