Description
The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) exposes an unprotected UART interface through accessible hardware pads on the PCB
Published: 2026-03-18
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Potential device takeover via open UART interface
Action: Assess impact
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 24 Mar 2026 13:30:00 +0000

Type Values Removed Values Added
Title Unprotected UART Interface in Yeapook WDR201A WiFi Extender (CVE-2026-30704)

Thu, 19 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-912
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 19 Mar 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Shenzhen Yuner Yipu
Shenzhen Yuner Yipu wifi Extender Wdr201a
Vendors & Products Shenzhen Yuner Yipu
Shenzhen Yuner Yipu wifi Extender Wdr201a

Wed, 18 Mar 2026 17:30:00 +0000

Type Values Removed Values Added
Description The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) exposes an unprotected UART interface through accessible hardware pads on the PCB
References

Subscriptions

Shenzhen Yuner Yipu Wifi Extender Wdr201a
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-19T14:35:45.872Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30704

cve-icon Vulnrichment

Updated: 2026-03-19T14:35:41.070Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-18T18:16:28.077

Modified: 2026-03-19T15:16:26.580

Link: CVE-2026-30704

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-24T10:53:59Z

Weaknesses