{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30702", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-23T15:56:47.034Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-18T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-18T17:00:34.808Z"}, "descriptions": [{"lang": "en", "value": "The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) implements a broken authentication mechanism in its web management interface. The login page does not properly enforce session validation, allowing attackers to bypass authentication by directly accessing restricted web application endpoints through forced browsing"}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.made-in-china.com/showroom/yeapook/#:~:text=Established%20in%202015.%2CDistrict%2C%20Shenzhen%2C%20Guangdong%2C%20China"}, {"url": "https://mstreet97.github.io/security-research/iot/vulnerability-disclosure/cybersecurity/cve/2026/02/18/From-Blackbox-to-Whitebox-Multiple-CVEs-in-a-Consumer-WiFi-Extender.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-285", "lang": "en", "description": "CWE-285 Improper Authorization"}]}], "references": [{"url": "https://mstreet97.github.io/security-research/iot/vulnerability-disclosure/cybersecurity/cve/2026/02/18/From-Blackbox-to-Whitebox-Multiple-CVEs-in-a-Consumer-WiFi-Extender.html", "tags": ["exploit"]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-23T15:37:16.313088Z", "id": "CVE-2026-30702", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T15:56:47.034Z"}}]}, "dataVersion": "5.2"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) implements a broken authentication mechanism in its web management interface. The login page does not properly enforce session validation, allowing attackers to bypass authentication by directly accessing restricted web application endpoints through forced browsing"}], "id": "CVE-2026-30702", "lastModified": "2026-03-23T16:16:45.750", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-18T18:16:27.860", "references": [{"source": "cve@mitre.org", "url": "https://mstreet97.github.io/security-research/iot/vulnerability-disclosure/cybersecurity/cve/2026/02/18/From-Blackbox-to-Whitebox-Multiple-CVEs-in-a-Consumer-WiFi-Extender.html"}, {"source": "cve@mitre.org", "url": "https://www.made-in-china.com/showroom/yeapook/#:~:text=Established%20in%202015.%2CDistrict%2C%20Shenzhen%2C%20Guangdong%2C%20China"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://mstreet97.github.io/security-research/iot/vulnerability-disclosure/cybersecurity/cve/2026/02/18/From-Blackbox-to-Whitebox-Multiple-CVEs-in-a-Consumer-WiFi-Extender.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "LFMZX28040922V1.02"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "wdr201a", "vendor": "shenzhen_yuner_yipu"}], "analysis": {"en": {"generated_at": "2026-03-23T17:28:34.628901+00:00", "value": {"mitigation_remediation": ["Update the device firmware to a version that resolves the authentication bypass or apply any available vendor patch.", "Disable the web management interface if it is not required for operation and block external network access to it.", "Restrict management interface access to the local network or via VPN and enforce strong network segmentation.", "Monitor device logs for unauthorized access attempts and investigate any anomalous activity promptly."], "summary": {"action": "Patch immediately", "impact": "Authentication bypass in web interface"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the WiFi Extender WDR201A model, hardware version 2.1 and firmware LFMZX28040922V1.02. No other vendors or products are identified. The device is typically deployed in residential or small\u2011business networks.", "description_and_impact": "The WiFi Extender WDR201A firmware implements a broken authentication mechanism within its web management interface. The login page does not enforce proper session validation, allowing attackers to bypass authentication by directly accessing restricted endpoints via forced browsing. The weakness is a classic authentication bypass (CWE\u2011285) and enables an attacker to gain full control of the device\u2019s configuration and settings without needing valid credentials.", "risk_and_exploitability": "The CVE carries a CVSS base score of 9.8, indicating a high\u2011severity vulnerability. The EPSS score is below 1\u202f%, suggesting that exploitation is unlikely to be widespread; however, the device is usually accessible on local networks, making forced browsing feasible for attackers with network access. The vulnerability is not listed in CISA\u2019s KEV catalog. Attackers can exploit it remotely by sending crafted HTTP requests to the management interface and bypass authentication altogether."}}}}, "created": "2026-03-19T08:57:02.380341+00:00", "title": "Broken Authentication in WiFi Extender WDR201A Web Management Interface", "updated": "2026-03-24T10:54:00.869473+00:00", "vendors": ["shenzhen_yuner_yipu", "shenzhen_yuner_yipu$PRODUCT$wdr201a"]}