CVE-2022-34045 Scanner
CVE-2022-34045 scanner - Hard-Coded Encryption/Decryption Key vulnerability in Wavlink WN530HG4
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month
Scan only one
Domain, IPv4, Subdomain
Toolbox
-
The Wavlink WN530HG4 is a wireless router used to establish a secure home or office network. The device allows users to connect multiple devices to the same internet connection without any additional configuration. It is ideal for individuals who require a reliable and efficient internet service at home or in the office. The WN530HG4 features a high-speed data transfer rate and comes with an easy-to-use interface for convenient handling.
The vulnerability code identified in the Wavlink WN530HG4 is CVE-2022-34045. This refers to a hardcoded encryption/decryption key found within the device's configuration files at /etc_ro/lighttpd/www/cgi-bin/ExportAllSettings.sh. This exposed encryption key can be utilized by attackers to gain unauthorized access to the device and obtain confidential user information. The vulnerability was discovered in version M30HG4.V5030.191116 of the firmware.
A successful exploitation of this vulnerability can lead to the compromise of the device's security and enable hackers to steal sensitive information such as usernames and passwords. Once hackers have obtained these details, they can use them to commit identity theft, data breaches, and other cyber attacks. The vulnerability exposed by the hardcoded encryption/decryption key can also lead to unauthorized access and control of the device by cybercriminals.
In conclusion, the Wavlink WN530HG4 is a wireless router designed to provide reliable and secure internet access. However, the CVE-2022-34045 vulnerability detected within the device's firmware exposes users to potential cyber attacks. By updating the device firmware and taking the necessary precautions, users can protect their digital assets and prevent unauthorized access by hackers. s4e.io offers a comprehensive platform with pro features that can help users quickly and easily identify vulnerabilities in their digital assets, thereby preventing potential cyber attacks or data breaches.
REFERENCES
