Unauthenticated Access to 'live_mfg.html' Page in WAVLINK AC1200 Router

Unauthenticated Access to 'live_mfg.html' Page in WAVLINK AC1200 Router

CVE-2021-44260 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information of the manager of router.

Learn more about our Web Application Penetration Testing UK.