CVE-2023-29708

Name of the Vulnerable Software and Affected Versions WavLink WavRouter version RPT70HA1.x

Description An issue was discovered in "/cgi-bin/adm.cgi" that allows attackers to force a factory reset via a crafted payload.

Recommendations For WavLink WavRouter version RPT70HA1.x, as a temporary workaround, consider restricting access to the "/cgi-bin/adm.cgi" endpoint until a patch is available. Avoid using crafted payloads in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.