Vulnerabilities > Wavlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-25 | CVE-2022-34574 | Forced Browsing vulnerability in Wavlink Wifi-Repeater Firmware Rpta277W.M4300.01.Gd.2017Sep19 An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the key information of the device via accessing Tftpd32.ini. | 5.7 |
| 2022-07-25 | CVE-2022-34575 | Improper Authentication vulnerability in Wavlink Wifi-Repeater Firmware Rpta277W.M4300.01.Gd.2017Sep19 An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the key information of the device via accessing fctest.shtml. | 5.7 |
| 2022-07-25 | CVE-2022-34576 | Unspecified vulnerability in Wavlink Wn535G3 Firmware M35G3R.V5030.180927 A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request. | 7.5 |
| 2022-07-25 | CVE-2022-34577 | Unspecified vulnerability in Wavlink Wn535G3 Firmware M35G3R.V5030.180927 A vulnerability in adm.cgi of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request. | 9.8 |
| 2022-07-20 | CVE-2022-34045 | Use of Hard-coded Credentials vulnerability in Wavlink Wl-Wn530Hg4 Firmware M30Hg4.V5030.191116 Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etc_ro/lighttpd/www/cgi-bin/ExportAllSettings.sh. | 9.8 |
| 2022-07-20 | CVE-2022-34046 | Incorrect Authorization vulnerability in Wavlink Wn533A8 Firmware M33A8.V5030.190716 An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);]. | 7.5 |
| 2022-07-20 | CVE-2022-34047 | Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wl-Wn530Hg4 Firmware M30Hg4.V5030.191116 An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd]. | 7.5 |
| 2022-07-20 | CVE-2022-34048 | Cross-site Scripting vulnerability in Wavlink Wn533A8 Firmware M33A8.V5030.190716 Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login_page parameter. | 6.1 |
| 2022-07-20 | CVE-2022-34049 | Files or Directories Accessible to External Parties vulnerability in Wavlink Wl-Wn530Hg4 Firmware M30Hg4.V5030.191116 An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data. | 5.3 |
| 2022-07-20 | CVE-2022-2486 | OS Command Injection vulnerability in Wavlink Wl-Wn535K2 Firmware and Wl-Wn535K3 Firmware A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. | 9.8 |