This vulnerability is an Information Disclosure vulnerability in the WAVLINK WN530H4 router.
There is an information leak located at the endpoint /cgi-bin/ExportAllSettings.sh. In this information leak, you can download all of the router settings, and even gain access to the username and password that is set.
The file appears to be a key-value pair with all of the router settings. This seems to be an intended feature from the router developers, however, the authentication bypass vulnerability causes this endpoint to be exposed. It is my opinion that regardless of the auth bypass, this endpoint should not be exposed – especially with unhashed passwords. Only information that can be directly configurable by the router’s administrator should be exposed for backup purposes.
Here is a sample of the data returned by that endpoint.
#The following line must not be removed. ##RT2860CONF Default WebInit=1 LOGO1=images/WAVLINK-logo.png LOGO2=images/WAVLINK-logo.gif HostName=WAVLINK Login=admin2860 Password=Cerne123! Login_def=admin Password_def=admin ...
For more information and vulnerability analysis, please see my report on the WAVLINK WN530H4.