CVE-2022-48165

Name of the Vulnerable Software and Affected Versions Wavlink WL-WN530H4 M30H4.V5030.210121

Description The issue is related to an access control problem in the "/cgi-bin/ExportLogs.sh" component, allowing unauthenticated attackers to download configuration data, log files, and obtain admin credentials.

Recommendations For Wavlink WL-WN530H4 M30H4.V5030.210121, consider restricting access to the "/cgi-bin/ExportLogs.sh" component until a patch is available. As a temporary workaround, limit the exposure of the device to the internet and avoid using the default admin credentials. At the moment, there is no information about a newer version that contains a fix for this vulnerability.