Access Control Flaw in Wavlink WiFi-Repeater Products
CVE-2022-34572

5.7MEDIUM

Key Information:

Vendor

Wavlink

Vendor
CVE Published:
25 July 2022

What is CVE-2022-34572?

A dangerous access control vulnerability exists in the Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19. This flaw allows unauthorized users to access sensitive information, notably the telnet password, by retrieving it through the tftp.txt file. Such exposure can enable potential attackers to exploit the device and compromise network security.

References

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-34572 : Access Control Flaw in Wavlink WiFi-Repeater Products