CVE-2021-44259

A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When an unauthorized user accesses this page directly, it connects to this device as a friend of the device owner.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:wavlink:wl-wn531g3_firmware:a42w-1.27.6-20180418:*:*:*:*:*:*:*
cpe:2.3:h:wavlink:wl-wn531g3:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:30

Type Values Removed Values Added
References () https://github.com/zer0yu/CVE_Request/blob/master/WAVLINK/WAVLINK_AC1200_unauthorized_access_vulnerability_second.md - Exploit, Third Party Advisory () https://github.com/zer0yu/CVE_Request/blob/master/WAVLINK/WAVLINK_AC1200_unauthorized_access_vulnerability_second.md - Exploit, Third Party Advisory

Information

Published : 2022-03-17 13:15

Updated : 2024-11-21 06:30


NVD link : CVE-2021-44259

Mitre link : CVE-2021-44259

CVE.ORG link : CVE-2021-44259


JSON object : View

Products Affected

wavlink

  • wl-wn531g3_firmware
  • wl-wn531g3
CWE
CWE-306

Missing Authentication for Critical Function