top of page

Wavlink WN530HG4 Information Disclosure (CVE-2022-34047)

Appliance Details

Wavlink WN530HG4 is an AC1200 high power Dual Band Gigabit Router.


Wavlink WN530HG4 could allow a remote attacker to obtain sensitive information, caused by improper access control in the IP_ADDRESS/set_safety.shtml endpoint.


By searching for searching for [var syspasswd], an attacker could exploit this vulnerability to obtain usernames and passwords, and use this information to launch further attacks against the affected system.

GET /set_safety.shtml?r=52300


By turning this into a traffic file and matching rule, we are able to detect unauthorised attempts in the disclosure of device administrator credentials (usernames and passwords).


Idappcom has created signature 8022957 along with a traffic file.


Traffic IQ

If you are concerned that your business may be at risk of this vulnerability, or others, why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here:


bottom of page