This vulnerability is an Incorrect Access Control in the WAVLINK WN530H4 router.

Otherwise known as an Authentication Bypass Vulnerability, this vulnerability can allow an unauthenticated user to access arbitrary endpoints in /cgi-bin/ without being logged into the router interface. This means, successful logins aren’t checked and arbitrary users can access these endpoints for malicious purposes. Here is a list of endpoints I checked, each vulnerable to this:

The endpoint /cgi-bin/adm.cgi is not vulnerable to this attack. I haven’t checked for other vulnerabilities in this endpoint, but there could be some more.

For more information and vulnerability analysis, please see my report on the WAVLINK WN530H4.