Vulnerabilities > Wavlink > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-27 CVE-2024-10428 Command Injection vulnerability in Wavlink products
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028.
network
low complexity
wavlink CWE-77
7.2
2024-10-27 CVE-2024-10429 Command Injection vulnerability in Wavlink products
A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028.
network
low complexity
wavlink CWE-77
7.2
2024-10-20 CVE-2024-10193 Command Injection vulnerability in Wavlink products
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical.
network
low complexity
wavlink CWE-77
7.2
2024-10-20 CVE-2024-10194 Out-of-bounds Write vulnerability in Wavlink products
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028.
low complexity
wavlink CWE-787
8.8
2023-06-30 CVE-2023-32612 Unspecified vulnerability in Wavlink Wl-Wn531Ax2 Firmware
Client-side enforcement of server-side security issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow an attacker with an administrative privilege to execute OS commands with the root privilege.
network
low complexity
wavlink
7.2
2023-06-30 CVE-2023-32613 Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wl-Wn531Ax2 Firmware
Exposure of resource to wrong sphere issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow a network-adjacent attacker to use functions originally available after login without logging in.
low complexity
wavlink CWE-668
8.1
2023-06-30 CVE-2023-32621 Unrestricted Upload of File with Dangerous Type vulnerability in Wavlink Wl-Wn531Ax2 Firmware
WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to upload arbitrary files and execute OS commands with the root privilege.
network
low complexity
wavlink CWE-434
7.2
2023-06-30 CVE-2023-32622 Unspecified vulnerability in Wavlink Wl-Wn531Ax2 Firmware
Improper neutralization of special elements in WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to execute OS commands with the root privilege.
network
low complexity
wavlink
7.2
2023-06-22 CVE-2023-29708 Unspecified vulnerability in Wavlink Wavrouter APP Rpt70Ha1.X
An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows attackers to force a factory reset via crafted payload.
network
low complexity
wavlink
7.5
2023-02-06 CVE-2022-48166 Missing Authorization vulnerability in Wavlink Wl-Wn530Hg4 Firmware M30Hg4.V5030.201217
An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.
network
low complexity
wavlink CWE-862
7.5