CVE-2021-44260

HIGH NUCLEI

Wavlink Wl-wn531g3 Firmware - Missing Authentication

Title source: rule

Description

A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information of the manager of router.

Nuclei Templates (1)

WAVLINK AC1200 - Information Disclosure

HIGHby ritikchaddha

FOFA: body="AC1200" && body="wavlink"

References (1)

[Exploit, Third Party Advisory] https://github.com/zer0yu/CVE_Request/blob/master/WAVLINK/WAVLINK_AC1200_unauthorized_access_vulnerability_first.md

View Exploit ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.2637

EPSS Percentile 96.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-306

Status published

Products (1)

wavlink/wl-wn531g3_firmware a42w-1.27.6-20180418

Published Mar 17, 2022

Tracked Since Feb 18, 2026