Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wavlink vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-31847
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows malicious users to obtain sensitive router information via a crafted POST request.
Wavlink Wn579x3 Firmware M79x3.v5030.180719
10
CVSSv2
CVE-2020-12124
A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an malicious user to execute arbitrary Linux commands as root without authentication.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
2 Github repositories
NA
CVE-2022-34046
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows malicious users to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].
Wavlink Wn533a8 Firmware M33a8.v5030.190716
NA
CVE-2022-34048
Wavlink WN533A8 M33A8.V5030.190716 exists to contain a reflected cross-site scripting (XSS) vulnerability via the login_page parameter.
Wavlink Wn533a8 Firmware M33a8.v5030.190716
5
CVSSv2
CVE-2022-31308
A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows malicious users to obtain sensitive router information via execution of the exec cmd function.
Wavlink Aerial X 1200m Firmware M79x3.v5030.180719
10
CVSSv2
CVE-2022-31311
An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows malicious users to execute arbitrary commands via a crafted POST request.
Wavlink Aerial X 1200m Firmware M79x3.v5030.180719
10
CVSSv2
CVE-2020-12125
A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an malicious user to execute arbitrary machine instructions as root without authentication.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
7.8
CVSSv2
CVE-2020-12123
CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an malicious user to remotely access router endpoints, because these endpoints do not contain CSRF tokens. If a user is authenticated in the router portal, then this attack will work.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
7.5
CVSSv2
CVE-2020-12126
Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an malicious user to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
5
CVSSv2
CVE-2020-12127
An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an malicious user to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authenticatio...
Wavlink Wn530h4 Firmware M30h4.v5030.190403
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »