Vulnerabilities > Wavlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-15 | CVE-2023-38861 | Command Injection vulnerability in Wavlink Wl-Wn575A3 Firmware R75A3V1410220513 An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi. | 9.8 |
| 2023-06-30 | CVE-2023-32612 | Unspecified vulnerability in Wavlink Wl-Wn531Ax2 Firmware Client-side enforcement of server-side security issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow an attacker with an administrative privilege to execute OS commands with the root privilege. | 7.2 |
| 2023-06-30 | CVE-2023-32613 | Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wl-Wn531Ax2 Firmware Exposure of resource to wrong sphere issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow a network-adjacent attacker to use functions originally available after login without logging in. | 8.1 |
| 2023-06-30 | CVE-2023-32620 | Improper Authentication vulnerability in Wavlink Wl-Wn531Ax2 Firmware Improper authentication vulnerability in WL-WN531AX2 firmware versions prior to 2023526 allows a network-adjacent attacker to obtain a password for the wireless network. | 6.5 |
| 2023-06-30 | CVE-2023-32621 | Unrestricted Upload of File with Dangerous Type vulnerability in Wavlink Wl-Wn531Ax2 Firmware WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to upload arbitrary files and execute OS commands with the root privilege. | 7.2 |
| 2023-06-30 | CVE-2023-32622 | Unspecified vulnerability in Wavlink Wl-Wn531Ax2 Firmware Improper neutralization of special elements in WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to execute OS commands with the root privilege. | 7.2 |
| 2023-06-23 | CVE-2023-3380 | Injection vulnerability in Wavlink Wn579X3 Firmware 20200515 A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. | 9.8 |
| 2023-06-22 | CVE-2023-29708 | Unspecified vulnerability in Wavlink Wavrouter APP Rpt70Ha1.X An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows attackers to force a factory reset via crafted payload. | 7.5 |
| 2023-02-06 | CVE-2022-48166 | Missing Authorization vulnerability in Wavlink Wl-Wn530Hg4 Firmware M30Hg4.V5030.201217 An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials. | 7.5 |
| 2023-02-06 | CVE-2022-48164 | Unspecified vulnerability in Wavlink Wl-Wn533A8 Firmware M33A8.V5030.190716 An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials. | 7.5 |