CVE-2021-28937

HIGH NUCLEI

Acexy Wireless-n Wifi Repeater Firmware - Cleartext Storage

Title source: rule

Description

The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) contains the administrator account password in plaintext. The page can be intercepted on HTTP.

Nuclei Templates (1)

Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure

HIGHby geeknik

References (2)

[Broken Link, Vendor Advisory] http://acexy.com

[Exploit, Third Party Advisory] https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990

Scores

CVSS v3 7.5

EPSS 0.3383

EPSS Percentile 97.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-312

Status published

Products (1)

acexy/wireless-n_wifi_repeater_firmware 28.08.06.1

Published Mar 29, 2021

Tracked Since Feb 18, 2026