Vulnerabilities > Wavlink > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-20 | CVE-2024-10193 | Command Injection vulnerability in Wavlink products A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical. | 7.2 |
| 2024-10-20 | CVE-2024-10194 | Out-of-bounds Write vulnerability in Wavlink products A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. | 8.8 |
| 2023-06-30 | CVE-2023-32612 | Unspecified vulnerability in Wavlink Wl-Wn531Ax2 Firmware Client-side enforcement of server-side security issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow an attacker with an administrative privilege to execute OS commands with the root privilege. | 7.2 |
| 2023-06-30 | CVE-2023-32613 | Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wl-Wn531Ax2 Firmware Exposure of resource to wrong sphere issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow a network-adjacent attacker to use functions originally available after login without logging in. | 8.1 |
| 2023-06-30 | CVE-2023-32621 | Unrestricted Upload of File with Dangerous Type vulnerability in Wavlink Wl-Wn531Ax2 Firmware WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to upload arbitrary files and execute OS commands with the root privilege. | 7.2 |
| 2023-06-30 | CVE-2023-32622 | Unspecified vulnerability in Wavlink Wl-Wn531Ax2 Firmware Improper neutralization of special elements in WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to execute OS commands with the root privilege. | 7.2 |
| 2023-06-22 | CVE-2023-29708 | Unspecified vulnerability in Wavlink Wavrouter APP Rpt70Ha1.X An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows attackers to force a factory reset via crafted payload. | 7.5 |
| 2023-02-06 | CVE-2022-48166 | Missing Authorization vulnerability in Wavlink Wl-Wn530Hg4 Firmware M30Hg4.V5030.201217 An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials. | 7.5 |
| 2023-02-06 | CVE-2022-48164 | Unspecified vulnerability in Wavlink Wl-Wn533A8 Firmware M33A8.V5030.190716 An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials. | 7.5 |
| 2023-02-03 | CVE-2022-48165 | Unspecified vulnerability in Wavlink Wl-Wn530H4 Firmware M30H4.V5030.210121 An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials. | 7.5 |