Insufficiently Protected Credentials
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V188.8.131.52 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts.
CWE-522 - Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.