0x01 Vulnerability description

A vulnerability is in the 'live_check.shtml' page of the AERIAL X 1200M,Firmware package version M79X3.V5030.180719

Unauthorized users can obtain the key information of the router by visiting:

http://xxx.xxx.xxx.xxx/live_check.shtml

0x02 Affected version

WAVLINK AERIAL X 1200M

0x03 Vulnerability

Under the live_check.shtml file, use the exec cmd function to execute the command

0x04 PoC verification

In the live_check.shtml interface, it contains various information of the router, such as: firmware version, MAC address, etc., and even information such as the running process of the router.

0x05 Acknowledgement

Penwei.Huang

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

WAVLINK AC1200_check_live.md

WAVLINK AC1200_check_live.md

0x01 Vulnerability description

0x02 Affected version

0x03 Vulnerability

0x04 PoC verification

0x05 Acknowledgement

Files

WAVLINK AC1200_check_live.md

Latest commit

History

WAVLINK AC1200_check_live.md

File metadata and controls

0x01 Vulnerability description

0x02 Affected version

0x03 Vulnerability

0x04 PoC verification

0x05 Acknowledgement