Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wavlink vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2020-12123
CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an malicious user to remotely access router endpoints, because these endpoints do not contain CSRF tokens. If a user is authenticated in the router portal, then this attack will work.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
9.8
CVSSv3
CVE-2020-12125
A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an malicious user to execute arbitrary machine instructions as root without authentication.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
7.5
CVSSv3
CVE-2022-31309
A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows malicious users to obtain sensitive router information via execution of the exec cmd function.
Wavlink Aerial X 1200m Firmware M79x3.v5030.180719
9.8
CVSSv3
CVE-2022-31311
An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows malicious users to execute arbitrary commands via a crafted POST request.
Wavlink Aerial X 1200m Firmware M79x3.v5030.180719
9.8
CVSSv3
CVE-2023-38861
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote malicious user to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.
Wavlink Wl-wn575a3 Firmware R75a3 V1410 220513
7.5
CVSSv3
CVE-2022-31308
A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows malicious users to obtain sensitive router information via execution of the exec cmd function.
Wavlink Aerial X 1200m Firmware M79x3.v5030.180719
9.8
CVSSv3
CVE-2020-12124
A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an malicious user to execute arbitrary Linux commands as root without authentication.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
2 Github repositories
9.8
CVSSv3
CVE-2020-12126
Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an malicious user to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint.
Wavlink Wn530h4 Firmware M30h4.v5030.190403
7.5
CVSSv3
CVE-2020-12127
An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an malicious user to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authenticatio...
Wavlink Wn530h4 Firmware M30h4.v5030.190403
7.5
CVSSv3
CVE-2022-34046
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows malicious users to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].
Wavlink Wn533a8 Firmware M33a8.v5030.190716
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »