Vulnerabilities > Wavlink

DATE CVE VULNERABILITY TITLE RISK
2022-06-14 CVE-2022-31308 Exposure of Resource to Wrong Sphere vulnerability in Wavlink Aerial X 1200M Firmware M79X3.V5030.180719
A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function.
network
low complexity
wavlink CWE-668
5.0
2022-06-14 CVE-2022-31309 Exposure of Resource to Wrong Sphere vulnerability in Wavlink Aerial X 1200M Firmware M79X3.V5030.180719
A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function.
network
low complexity
wavlink CWE-668
5.0
2022-06-14 CVE-2022-31311 Command Injection vulnerability in Wavlink Aerial X 1200M Firmware M79X3.V5030.180719
An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute arbitrary commands via a crafted POST request.
network
low complexity
wavlink CWE-77
critical
10.0
2022-06-14 CVE-2022-31845 Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wn535G3 Firmware M35G3R.V5030.180927
A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
network
low complexity
wavlink CWE-668
5.0
2022-06-14 CVE-2022-31846 Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wn535G3 Firmware M35G3R.V5030.180927
A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
network
low complexity
wavlink CWE-668
5.0
2022-06-14 CVE-2022-31847 Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wn579X3 Firmware M79X3.V5030.180719
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request.
network
low complexity
wavlink CWE-668
5.0
2022-05-13 CVE-2022-30489 Cross-site Scripting vulnerability in Wavlink Wn535G3 Firmware
WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi.
network
wavlink CWE-79
4.3
2022-04-07 CVE-2022-23900 Command Injection vulnerability in Wavlink Wl-Wn531P3 Firmware M31G3.V5030.201204
A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3.V5030.201204, allows an attacker to achieve unauthorized remote code execution via a malicious POST request through /cgi-bin/adm.cgi.
network
low complexity
wavlink CWE-77
7.5
2022-03-17 CVE-2021-44259 Missing Authentication for Critical Function vulnerability in Wavlink Wl-Wn531G3 Firmware A42W1.27.620180418
A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication.
network
low complexity
wavlink CWE-306
7.5
2022-03-17 CVE-2021-44260 Missing Authentication for Critical Function vulnerability in Wavlink Wl-Wn531G3 Firmware A42W1.27.620180418
A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication.
network
low complexity
wavlink CWE-306
5.0