Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wavlink wn579x3 firmware - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-13117
Wavlink WN575A4 and WN579X3 devices through 2020-05-15 allow unauthenticated remote users to inject commands via the key parameter in a login request.
Wavlink Wn575a4 Firmware
Wavlink Wn579x3 Firmware
9.8
CVSSv3
CVE-2023-3380
A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible to launch the attack remote...
Wavlink Wn579x3 Firmware
7.5
CVSSv3
CVE-2022-31847
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows malicious users to obtain sensitive router information via a crafted POST request.
Wavlink Wn579x3 Firmware M79x3.v5030.180719
7.5
CVSSv3
CVE-2022-34570
WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an information leak which allows malicious users to obtain the key information via accessing the messages.txt page.
Wavlink Wl-wn579x3 Firmware M79x3.v5030.191012
7.5
CVSSv3
CVE-2020-10974
An issue exists affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink ...
Wavlink Wl-wn575a3 Firmware Rpt75a3.v4300.180801
Wavlink Wl-wn579g3 Firmware M79x3.v5030.180719
Wavlink Wn531a6 Firmware -
Wavlink Wn535g3 Firmware -
Wavlink Wn530h4 Firmware -
Wavlink Wn57x93 Firmware -
Wavlink Wn572hg3 Firmware -
Wavlink Wn575a4 Firmware -
Wavlink Wn578a2 Firmware -
Wavlink Wn579g3 Firmware -
Wavlink Wn579x3 Firmware -
Wavlink Jetstream Ac3000 Firmware -
Wavlink Jetstream Erac3000 Firmware -
7.5
CVSSv3
CVE-2020-12266
An issue exists where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. The devices automatically query these pages to update dashboards and other statistics, but the pages can be access...
Wavlink Wl-wn579g3 Firmware M79x3.v5030.180719
Wavlink Wl-wn575a3 Firmware Rpt75a3.v4300.180801
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
Wavlink Wn531g3 Firmware -
Wavlink Wn533a8 Firmware -
Wavlink Wn531a6 Firmware -
Wavlink Wn551k1 Firmware -
Wavlink Wn535g3 Firmware -
Wavlink Wn530h4 Firmware -
Wavlink Wn57x93 Firmware -
Wavlink Wn578a2 Firmware -
Wavlink Wn579g3 Firmware -
Wavlink Wn579x3 Firmware -
Wavlink Jetstream Ac3000 Firmware -
Wavlink Jetstream Erac3000 Firmware -
8.8
CVSSv3
CVE-2020-10971
An issue exists on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the same time. The POST request itself is not validated to ensure it came from the active se...
Wavlink Wl-wn575a3 Firmware Rpt75a3.v4300.180801
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
Wavlink Wl-wn579g3 Firmware M79x3.v5030.180719
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started