CVE-2026-30702
Description
AI Translation Available
The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) implements a broken authentication mechanism in its web management interface. The login page does not properly enforce session validation, allowing attackers to bypass authentication by directly accessing restricted web application endpoints through forced browsing
https://mstreet97.github.io/security-research/iot/vulnerability-disclosure/cybe…
https://www.made-in-china.com/showroom/yeapook/#:~:text=Established%20in%202015…