Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wavlink vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2022-31847
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows malicious users to obtain sensitive router information via a crafted POST request.
Wavlink Wn579x3 Firmware M79x3.v5030.180719
891
VMScore
CVE-2020-12124
A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an malicious user to execute arbitrary Linux commands as root without authentication.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
2 Github repositories
NA
CVE-2022-34046
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows malicious users to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].
Wavlink Wn533a8 Firmware M33a8.v5030.190716
NA
CVE-2022-34048
Wavlink WN533A8 M33A8.V5030.190716 exists to contain a reflected cross-site scripting (XSS) vulnerability via the login_page parameter.
Wavlink Wn533a8 Firmware M33a8.v5030.190716
445
VMScore
CVE-2022-31308
A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows malicious users to obtain sensitive router information via execution of the exec cmd function.
Wavlink Aerial X 1200m Firmware M79x3.v5030.180719
890
VMScore
CVE-2022-31311
An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows malicious users to execute arbitrary commands via a crafted POST request.
Wavlink Aerial X 1200m Firmware M79x3.v5030.180719
890
VMScore
CVE-2020-12125
A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an malicious user to execute arbitrary machine instructions as root without authentication.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
694
VMScore
CVE-2020-12123
CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an malicious user to remotely access router endpoints, because these endpoints do not contain CSRF tokens. If a user is authenticated in the router portal, then this attack will work.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
668
VMScore
CVE-2020-12126
Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an malicious user to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
445
VMScore
CVE-2020-12127
An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an malicious user to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authenticatio...
Wavlink Wn530h4 Firmware M30h4.v5030.190403
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »