ГлавнаяУязвимости → CVE-2020-37097
7.5высокая

CVE-2020-37097

Описание

Edimax EW-7438RPn 1.13 contains an information disclosure vulnerability that exposes WiFi network configuration details through the wlencrypt_wiz.asp file. Attackers can access the script to retrieve sensitive information including WiFi network name and plaintext password stored in device configuration variables.

Затрагиваемое ПО
Edimax Ew-7438rpn mini firmwareEdimax Ew-7438rpn mini
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wi-fi_range_extenders_n300/ew-7438rpn_mini/https://www.exploit-db.com/exploits/48365https://www.vulncheck.com/advisories/edimax-ew-rpn-information-disclosure-wifi-password