CVE-2020-12127

An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Common Weakness Enumeration
References
https://cerne.xyz/bugs/CVE-2020-12127
https://www.wavlink.com/en_us/product/WL-WN530H4.html
https://cerne.xyz/bugs/CVE-2020-12127
https://www.wavlink.com/en_us/product/WL-WN530H4.html