CVE-2022-48165

Vulnerability

The Wavlink WL-WN530H4 router running firmware version M30H4.V5030.210121 contains an access control vulnerability in the /cgi-bin/ExportLogs.sh endpoint. This endpoint is accessible without any authentication, allowing any unauthenticated user to trigger the download of configuration data and log files [1].

Exploitation

An attacker can exploit this vulnerability by simply sending a GET request to http:///cgi-bin/ExportLogs.sh from any network position that can reach the router's management interface. No authentication, user interaction, or special privileges are required [1].

Impact

Successful exploitation enables the attacker to download the router's configuration data and log files, which contain administrator credentials. With these credentials, the attacker can log into the device's dashboard and gain full administrative control over the router, leading to complete compromise of the device and potentially the network it serves [1].

Mitigation

As of the publication date, no firmware update has been released to address this issue. Users should restrict network access to the management interface, disable remote administration if possible, and monitor for any official patches from Wavlink [1].