Vulnerabilities > Wavlink > WL Wn575A3 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-07 | CVE-2020-10974 | Missing Authentication for Critical Function vulnerability in Wavlink products An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. | 7.5 |
| 2020-05-07 | CVE-2020-10971 | Improper Input Validation vulnerability in Wavlink products An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the same time. | 8.8 |
| 2020-04-27 | CVE-2020-12266 | Missing Authentication for Critical Function vulnerability in Wavlink products An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. | 7.5 |