CVE-2023-29708
published 2023-06-22CVE-2023-29708: An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows attackers to force a factory reset via crafted payload.
PriorityP347high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
15.28%
96.4th percentile
An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows attackers to force a factory reset via crafted payload.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wavlink | wavrouter_app | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/shellpei/WAVLINK-Reset/blob/main/CVE-2023-29708https://holistic-height-e6d.notion.site/WAVLINK-Wi-Fi-APP-Arbitrary-factory-reset-vulnerability-b2d747693a7442aaa8b045e57bbd8297https://github.com/shellpei/WAVLINK-Reset/blob/main/CVE-2023-29708https://holistic-height-e6d.notion.site/WAVLINK-Wi-Fi-APP-Arbitrary-factory-reset-vulnerability-b2d747693a7442aaa8b045e57bbd8297
2023-06-22
Published