exploitDog

CVE-2020-37097

Опубликовано: 03 фев. 2026

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Edimax EW-7438RPn 1.13 contains an information disclosure vulnerability that exposes WiFi network configuration details through the wlencrypt_wiz.asp file. Attackers can access the script to retrieve sensitive information including WiFi network name and plaintext password stored in device configuration variables.

Ссылки

https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wi-fi_range_extenders_n300/ew-7438rpn_mini/
Product
https://www.exploit-db.com/exploits/48365
Exploit
Third Party Advisory
VDB Entry
https://www.vulncheck.com/advisories/edimax-ew-rpn-information-disclosure-wifi-password
Broken Link

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:edimax:ew-7438rpn_mini_firmware:1.13:*:*:*:*:*:*:*

cpe:2.3:h:edimax:ew-7438rpn_mini:-:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.00386

Низкий

7.5 High

CVSS3

Дефекты

CWE-522

Связанные уязвимости

GHSA-cvfp-9537-pwmr

CVSS3: 7.5

github

5 месяцев назад

Edimax EW-7438RPn 1.13 contains an information disclosure vulnerability that exposes WiFi network configuration details through the wlencrypt_wiz.asp file. Attackers can access the script to retrieve sensitive information including WiFi network name and plaintext password stored in device configuration variables.

EPSS

Процентиль: 30%

0.00386

Низкий

7.5 High

CVSS3

Дефекты

CWE-522