Skip to content

Latest commit

 

History

History
31 lines (18 loc) · 1.04 KB

WiFi-Repeater_Tftpd32.md

File metadata and controls

31 lines (18 loc) · 1.04 KB

0x01 Vulnerability description

A vulnerability is in the 'Tftpd32.ini' page of the Wavlink-WiFi-Repeater,Firmware package version RPTA2-77W.M4300.01.GD.2017Sep19,By constructing this link, you can get the ftp configuration file.

Unauthorized users can obtain the key information of the router by visiting:

http://xxx.xxx.xxx.xxx/Tftpd32.ini

0x02 Affected version

Wavlink-WiFi-Repeater

0x03 Vulnerability

The ftp configuration file does not have reasonable access rights settings.

0x04 PoC verification

image-20220623150043519

image-20220623155041419

image-20220623155122557

0x05 Acknowledgement

Penwei.Huang