CVE-2026-30701 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The web interface of the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) contains hardcoded credential disclosure mechanisms (in the form of Server Side…
Critical CVSS: 9.1

CVE-2026-30701

The web interface of the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) contains hardcoded credential disclosure mechanisms (in the form of Server Side Include) within multiple server-side web pages, including login.shtml and settings.shtml. These pages embed server-side execution directives that dynamically retrieve and expose the web administration password from non-volatile memory at runtime.
Vendor
-
Product
-
CWE
CWE-798
Yayın Tarihi
2026-03-18 18:16:27
Güncelleme
2026-03-23 16:16:45
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-798 CRITICAL 2026

Referanslar

https://mstreet97.github.io/security-research/iot/vulnerability-disclosure/cybersecurity/cve/2026/02/18/From-Blackbox-to-Whitebox-Multiple-CVEs-in-a-Consumer-WiFi-Extender.html https://www.made-in-china.com/showroom/yeapook/#:~:text=Established%20in%202015.%2CDistrict%2C%20Shenzhen%2C%20Guangdong%2C%20China https://mstreet97.github.io/security-research/iot/vulnerability-disclosure/cybersecurity/cve/2026/02/18/From-Blackbox-to-Whitebox-Multiple-CVEs-in-a-Consumer-WiFi-Extender.html