2023-09-22 16:06:05
XI
PUBLISHED
Credential disclosure in the /webs/userpasswd.htm endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.4 and V1.0.5 allows an authenticated attacker to leak the password for the administrative account via requests to the vulnerable endpoint.