Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time

WAVLINK AC1200 Router Unauthorized Access Vulnerability 1

0x01 Vulnerability description

A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information of the manager of router.

http://192.168.1.40/live_mfg.html

0x02 Affected version

WAVLINK AC1200

0x03 PoC verification

Visiting the corresponding page directly through the browser can reveal some key information about the device. Or you can get key information about the device by using the following command.

http://192.168.1.40/live_mfg.html

-w683

0x05 Acknowledgement

z3