Plaintext Password Exposure in Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) Web Management Interface

CVE-2021-28937 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) contains the administrator account password in plaintext. The page can be intercepted on HTTP.

Learn more about our Web App Pen Testing.