CVE-2021-44260 Scanner

The WAVLINK AC1200 is a wireless router commonly used in home and small office setups, providing internet connectivity and network management features. It is manufactured by WAVLINK, a company known for producing a range of networking gear. The router supports various wireless standards and offers features such as firewall protection, parental controls, and guest networks. Small businesses often rely on such routers to ensure a balanced and accessible network for their employees. The router's web interface allows users to configure and manage network settings efficiently. It is important for users to keep the firmware updated and follow security practices to avoid any unauthorized access.

The information disclosure vulnerability in the WAVLINK AC1200 allows unauthorized access to sensitive information. This vulnerability is present in the 'live_mfg.html' page of the router's interface. A remote attacker can exploit this vulnerability to access configuration details without authentication. The issue poses a risk of exposing critical data such as MAC addresses, firmware versions, and possibly other information that contributes to the overall network security. It is crucial to mitigate this risk to prevent potential information leaks. Timely identification and resolution of such vulnerabilities are key to maintaining network security.

The vulnerability involves unauthorized access to the 'live_mfg.html' page, which resides in the router's web interface. This page can be accessed without authentication, thus leading to potential exposure of sensitive information. Parameters such as "Model", "FW_Version", and "LAN_MAC" are among the information elements vulnerable to unauthorized access. An attacker leveraging this vulnerability can confirm the presence of specific router configurations by checking for these parameters. The page responds with a successful HTTP 200 status code when these elements are present, making it detectable and exploitable. It is a critical vulnerability that needs careful attention and patch management.

Exploitation of the vulnerability may allow attackers to access sensitive information about the network, which they could use for targeted attacks or network disruptions. Information considered sensitive might be used to identify network weaknesses or plan further attacks to compromise network integrity. An attacker might harvest data such as MAC addresses and firmware details to craft malicious exploits. The lack of authentication requirement significantly increases the risk associated with this information disclosure. Overall, it can lead to a reduction in trust and reliability of network infrastructure if left unpatched.

REFERENCES

• https://github.com/zer0yu/CVE_Request/blob/master/WAVLINK/WAVLINK_AC1200_unauthorized_access_vulnerability_first.md
• https://nvd.nist.gov/vuln/detail/CVE-2021-44260