CVE-2021-28936

The Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) Web management administrator password can be changed by sending a specially crafted HTTP GET request. The administrator username has to be known (default:admin) whereas no previous authentication is required.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:acexy:wireless-n_wifi_repeater_firmware:28.08.06.1:*:*:*:*:*:*:*
cpe:2.3:h:acexy:wireless-n_wifi_repeater:1.0:*:*:*:*:*:*:*

History

21 Nov 2024, 06:00

Type Values Removed Values Added
References () http://acexy.com - Broken Link () http://acexy.com - Broken Link
References () http://wireless-n.com - Broken Link () http://wireless-n.com - Broken Link
References () https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990 - Exploit, Third Party Advisory () https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990 - Exploit, Third Party Advisory

Information

Published : 2021-03-29 13:15

Updated : 2024-11-21 06:00


NVD link : CVE-2021-28936

Mitre link : CVE-2021-28936

CVE.ORG link : CVE-2021-28936


JSON object : View

Products Affected

acexy

  • wireless-n_wifi_repeater_firmware
  • wireless-n_wifi_repeater
CWE
CWE-863

Incorrect Authorization