Access Control Flaw in Wavlink WiFi-Repeater Affects Device Configurations
CVE-2022-34573

6.3MEDIUM

Key Information:

Vendor

Wavlink

Vendor
CVE Published:
25 July 2022

What is CVE-2022-34573?

An access control vulnerability in the Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 enables unauthorized users to modify device settings without proper authentication. By exploiting this weakness, attackers can gain access to the configuration page, potentially leading to unauthorized network changes and compromising device integrity.

References

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.