Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wavlink vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-34045
Wavlink WN530HG4 M30HG4.V5030.191116 exists to contain a hardcoded encryption/decryption key for its configuration files at /etc_ro/lighttpd/www/cgi-bin/ExportAllSettings.sh.
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
7.5
CVSSv2
CVE-2022-23900
A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3.V5030.201204, allows an malicious user to achieve unauthorized remote code execution via a malicious POST request through /cgi-bin/adm.cgi.
Wavlink Wl-wn531p3 Firmware M31g3.v5030.201204
10
CVSSv2
CVE-2020-15490
An issue exists on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple buffer overflow vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges. (The set of affected scripts is similar to CVE-2020-12266.)
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
NA
CVE-2022-37149
WAVLINK WL-WN575A3 RPT75A3.V4300.201217 exists to contain a command injection vulnerability when operating the file adm.cgi. This vulnerability allows malicious users to execute arbitrary commands via the username parameter.
Wavlink Wl-wn575a3 Firmware Rpt75a3.v4300.201217
7.5
CVSSv2
CVE-2022-34592
Wavlink WL-WN575A3 RPT75A3.V4300.201217 exists to contain a command injection vulnerability via the function obtw. This vulnerability allows malicious users to execute arbitrary commands via a crafted POST request.
Wavlink Wl-wn575a3 Firmware Rpt75a3.v4300.201217
NA
CVE-2022-34047
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows malicious users to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd].
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
NA
CVE-2022-34049
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated malicious users to download log files and configuration data.
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
NA
CVE-2022-34570
WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an information leak which allows malicious users to obtain the key information via accessing the messages.txt page.
Wavlink Wl-wn579x3 Firmware M79x3.v5030.191012
NA
CVE-2022-48164
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated malicious users to download configuration data and log files and obtain admin credentials.
Wavlink Wl-wn533a8 Firmware M33a8.v5030.190716
NA
CVE-2022-48165
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated malicious users to download configuration data and log files and obtain admin credentials.
Wavlink Wl-wn530h4 Firmware M30h4.v5030.210121
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »