Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2022-30489

Published: 13/05/2022 Updated: 23/05/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Wavlink

Vulnerability Summary

WAVLINK WN535 G3 exists to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

wavlink wn535g3_firmware -

Github Repositories

https://github.com/badboycxcc/XSS-CVE-2022-30489

WAVLINK WN535G3 POST XSS Use CVE-2022-30489 PAYLOAD POST /cgi-bin/logincgi HTTP/11 Host: 9812766193 Content-Length: 255 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Origin: 9812766193 Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/50 (Windows NT 100; Win64; x64) AppleWebKit/53736 (KHTML, like Gecko) Chrome/9004430212 Safar

References

CWE-79https://github.com/badboycxcc/XSShttps://nvd.nist.govhttps://github.com/badboycxcc/XSS-CVE-2022-30489
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook