CVE-2022-34047

HIGH NUCLEI

Wavlink WN530HG4 M30HG4.V5030.191116 - Info Disclosure

Title source: llm

Description

An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd].

Exploits (1)

exploitdb WORKING POC

by Ahmed Alroky · textwebappshardware

https://www.exploit-db.com/exploits/50991

View Code ZIP pw:eip

Nuclei Templates (1)

WAVLINK WN530HG4 - Improper Access Control

HIGHVERIFIEDby For3stCo1d

Shodan: http.title:"Wi-Fi APP Login" || http.html:"wn530hg4" || http.title:"wi-fi app login"

FOFA: body="wn530hg4" || title="wi-fi app login"

References (2)

[Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/167891/Wavlink-WN530HG4-Password-Disclosure.html

[Exploit, Third Party Advisory] https://drive.google.com/file/d/1sTQdUc12aZvJRFeb5wp8AfPdUEkkU9Sy/view?usp=sharing

Scores

CVSS v3 7.5

EPSS 0.5918

EPSS Percentile 98.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-668

Status published

Affected Products (1)

wavlink/wl-wn530hg4_firmware

Timeline

Published Jul 20, 2022

Tracked Since Feb 18, 2026