PT-2024-28266 · Wavlink · Wavlink Wn551K1
Published
2024-06-24
·
Updated
2024-07-03
·
CVE-2024-38895
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
WAVLINK WN551K1 version not specified
Description
The issue allows attackers to obtain sensitive router information through the 'live mfg.shtml' endpoint.
Recommendations
For WAVLINK WN551K1, restrict access to the 'live mfg.shtml' endpoint to minimize the risk of exploitation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wavlink Wn551K1