WAVLINK AC1200 Router Unauthorized Access Vulnerability 1
0x01 Vulnerability description
A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information of the manager of router.
http://192.168.1.40/live_mfg.html
0x02 Affected version
WAVLINK AC1200
0x03 PoC verification
Visiting the corresponding page directly through the browser can reveal some key information about the device. Or you can get key information about the device by using the following command.
http://192.168.1.40/live_mfg.html
0x05 Acknowledgement
z3
