Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wavlink vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-31309
A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows malicious users to obtain sensitive router information via execution of the exec cmd function.
Wavlink Aerial X 1200m Firmware M79x3.v5030.180719
9.8
CVSSv3
CVE-2022-31311
An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows malicious users to execute arbitrary commands via a crafted POST request.
Wavlink Aerial X 1200m Firmware M79x3.v5030.180719
7.5
CVSSv3
CVE-2022-31308
A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows malicious users to obtain sensitive router information via execution of the exec cmd function.
Wavlink Aerial X 1200m Firmware M79x3.v5030.180719
7.5
CVSSv3
CVE-2022-34046
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows malicious users to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].
Wavlink Wn533a8 Firmware M33a8.v5030.190716
6.1
CVSSv3
CVE-2022-34048
Wavlink WN533A8 M33A8.V5030.190716 exists to contain a reflected cross-site scripting (XSS) vulnerability via the login_page parameter.
Wavlink Wn533a8 Firmware M33a8.v5030.190716
9.8
CVSSv3
CVE-2023-38861
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote malicious user to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.
Wavlink Wl-wn575a3 Firmware R75a3 V1410 220513
7.5
CVSSv3
CVE-2022-31847
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows malicious users to obtain sensitive router information via a crafted POST request.
Wavlink Wn579x3 Firmware M79x3.v5030.180719
8.1
CVSSv3
CVE-2020-12123
CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an malicious user to remotely access router endpoints, because these endpoints do not contain CSRF tokens. If a user is authenticated in the router portal, then this attack will work.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
9.8
CVSSv3
CVE-2020-12124
A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an malicious user to execute arbitrary Linux commands as root without authentication.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
2 Github repositories
7.5
CVSSv3
CVE-2020-12127
An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an malicious user to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authenticatio...
Wavlink Wn530h4 Firmware M30h4.v5030.190403
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »