Vulnerabilities > Wavlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-27 | CVE-2024-10428 | Command Injection vulnerability in Wavlink products A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. | 7.2 |
| 2024-10-27 | CVE-2024-10429 | Command Injection vulnerability in Wavlink products A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. | 7.2 |
| 2024-10-20 | CVE-2024-10193 | Command Injection vulnerability in Wavlink products A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical. | 7.2 |
| 2024-10-20 | CVE-2024-10194 | Out-of-bounds Write vulnerability in Wavlink products A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. | 8.8 |
| 2023-08-15 | CVE-2023-38861 | Command Injection vulnerability in Wavlink Wl-Wn575A3 Firmware R75A3V1410220513 An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi. | 9.8 |
| 2023-06-30 | CVE-2023-32612 | Unspecified vulnerability in Wavlink Wl-Wn531Ax2 Firmware Client-side enforcement of server-side security issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow an attacker with an administrative privilege to execute OS commands with the root privilege. | 7.2 |
| 2023-06-30 | CVE-2023-32613 | Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wl-Wn531Ax2 Firmware Exposure of resource to wrong sphere issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow a network-adjacent attacker to use functions originally available after login without logging in. | 8.1 |
| 2023-06-30 | CVE-2023-32620 | Improper Authentication vulnerability in Wavlink Wl-Wn531Ax2 Firmware Improper authentication vulnerability in WL-WN531AX2 firmware versions prior to 2023526 allows a network-adjacent attacker to obtain a password for the wireless network. | 6.5 |
| 2023-06-30 | CVE-2023-32621 | Unrestricted Upload of File with Dangerous Type vulnerability in Wavlink Wl-Wn531Ax2 Firmware WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to upload arbitrary files and execute OS commands with the root privilege. | 7.2 |
| 2023-06-30 | CVE-2023-32622 | Unspecified vulnerability in Wavlink Wl-Wn531Ax2 Firmware Improper neutralization of special elements in WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to execute OS commands with the root privilege. | 7.2 |