Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wavlink vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2022-31309
A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows malicious users to obtain sensitive router information via execution of the exec cmd function.
Wavlink Aerial X 1200m Firmware M79x3.v5030.180719
NA
CVE-2023-38861
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote malicious user to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.
Wavlink Wl-wn575a3 Firmware R75a3 V1410 220513
890
VMScore
CVE-2020-15490
An issue exists on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple buffer overflow vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges. (The set of affected scripts is similar to CVE-2020-12266.)
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
NA
CVE-2023-29708
An issue exists in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows malicious users to force a factory reset via crafted payload.
Wavlink Wavrouter App Rpt70ha1.x
NA
CVE-2022-34047
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows malicious users to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd].
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
NA
CVE-2022-37149
WAVLINK WL-WN575A3 RPT75A3.V4300.201217 exists to contain a command injection vulnerability when operating the file adm.cgi. This vulnerability allows malicious users to execute arbitrary commands via the username parameter.
Wavlink Wl-wn575a3 Firmware Rpt75a3.v4300.201217
890
VMScore
CVE-2020-15489
An issue exists on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple shell metacharacter injection vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges.
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
NA
CVE-2022-34045
Wavlink WN530HG4 M30HG4.V5030.191116 exists to contain a hardcoded encryption/decryption key for its configuration files at /etc_ro/lighttpd/www/cgi-bin/ExportAllSettings.sh.
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
NA
CVE-2022-34049
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated malicious users to download log files and configuration data.
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
NA
CVE-2022-34570
WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an information leak which allows malicious users to obtain the key information via accessing the messages.txt page.
Wavlink Wl-wn579x3 Firmware M79x3.v5030.191012
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »