Unauthorized Access Vulnerability in WAVLINK AC1200 Router
CVE-2021-44260

7.5HIGH

Key Information:

Vendor: Wavlink
Status: Wl-wn531g3 Firmware
Vendor: CVE Published:; 17 March 2022

What is CVE-2021-44260?

The WAVLINK AC1200 router contains a vulnerability in the 'live_mfg.html' page that permits remote attackers to access sensitive information without authentication. This exposure compromises the privacy and security of the router manager's details, potentially allowing malicious actors to exploit the router's configuration or information. Users of this router version should take immediate action to secure their devices and prevent unauthorized access.

References

https://github.com/zer0yu/CVE_Request/blob/master/WAVLINK...

x_refsource_MISC

EPSS Score

35% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 17, 2022
Vulnerability Reserved
Nov 29, 2021

Wavlink

What is CVE-2021-44260?

References

EPSS Score

CVSS V3.1

Timeline