Vulnerabilities > Wavlink > Wn535G3 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-08-10 CVE-2022-35533 Unspecified vulnerability in Wavlink products
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: cli_list and cli_num, which leads to command injection in page /qos.shtml.
network
low complexity
wavlink
critical
 9.8
9.8
2022-08-10 CVE-2022-35534 Unspecified vulnerability in Wavlink products
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter hiddenSSID32g and SSID2G2, which leads to command injection in page /wifi_multi_ssid.shtml.
network
low complexity
wavlink
critical
 9.8
9.8
2022-08-10 CVE-2022-35535 Unspecified vulnerability in Wavlink products
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifi_mesh.shtml.
network
low complexity
wavlink
critical
 9.8
9.8
2022-08-10 CVE-2022-35536 Unspecified vulnerability in Wavlink products
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qos_bandwith and qos_dat, which leads to command injection in page /qos.shtml.
network
low complexity
wavlink
critical
 9.8
9.8
2022-08-10 CVE-2022-35537 Unspecified vulnerability in Wavlink products
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac_5g and Newname, which leads to command injection in page /wifi_mesh.shtml.
network
low complexity
wavlink
critical
 9.8
9.8
2022-08-10 CVE-2022-35538 Unspecified vulnerability in Wavlink products
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: delete_list, delete_al_mac, b_delete_list and b_delete_al_mac, which leads to command injection in page /wifi_mesh.shtml.
network
low complexity
wavlink
critical
 9.8
9.8
2022-07-25 CVE-2022-34576 Unspecified vulnerability in Wavlink Wn535G3 Firmware M35G3R.V5030.180927
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.
network
low complexity
wavlink
7.5
7.5
2022-07-25 CVE-2022-34577 Unspecified vulnerability in Wavlink Wn535G3 Firmware M35G3R.V5030.180927
A vulnerability in adm.cgi of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.
network
low complexity
wavlink
critical
 9.8
9.8
2022-06-14 CVE-2022-31845 Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wn535G3 Firmware M35G3R.V5030.180927
A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
network
low complexity
wavlink CWE-668
7.5
7.5
2022-06-14 CVE-2022-31846 Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wn535G3 Firmware M35G3R.V5030.180927
A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
network
low complexity
wavlink CWE-668
7.5
7.5