CVE-2020-12127
published 2020-10-02CVE-2020-12127: An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak…
PriorityP355high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
6.44%
92.9th percentile
An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wavlink | wn530h4_firmware | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Send an unauthenticated HTTP GET request to /cgi-bin/ExportAllSettings.sh and check for HTTP 200 response containing all of the following strings in the body: 'Login=', 'Password=', 'Model=', 'AuthMode=' ↗
- →Shodan/FOFA fingerprinting: identify exposed WAVLINK devices via HTTP response body containing 'Wavlink' or 'wavlink' ↗
- ·Vulnerability is specific to firmware version M30H4.V5030.190403 on the WAVLINK WN530H4 device; other firmware versions may not be affected. ↗
- ·The endpoint requires no authentication (CWE-306), meaning any network-reachable attacker can exploit it without credentials. ↗
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure
nuclei·CVSS 7.5
CVE-2020-12127 [HIGH] WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure
WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure
WAVLINK WN530H4 M30H4.V5030.190403 contains an information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint. This can allow an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication.
Template:
id: CVE-2020-12127
info:
name: WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure
author: arafatansari
severity: high
description: |
WAVLINK WN530H4 M30H4.V5030.190403 contains an information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint. This can allow an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication.
impact:
No writeups or analysis indexed.
2020-10-02
Published