PT-2024-36410 · Wavlink · Wavlink Wn701Ae

Published

2024-12-06

Updated

2025-10-03

CVE-2024-54745

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions WAVLINK WN701AE version M01AE V240305

Description A hardcoded password vulnerability was discovered in the /etc/shadow file, allowing attackers to log in as the root user. This issue enables unauthorized access to the system with superuser privileges.

Recommendations For WAVLINK WN701AE version M01AE V240305, consider changing the hardcoded password in the /etc/shadow file to a unique and secure password to prevent unauthorized access. As a temporary workaround, restrict access to the device until a patch is available.

Exploit

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

BDU:2026-00817

CVE-2024-54745

Affected Products

Wavlink Wn701Ae

PT-2024-36410 · Wavlink · Wavlink Wn701Ae

CVE-2024-54745

Weakness Enumeration

Related Identifiers

Affected Products

References · 9