Lucene search
JpcertCVE-2023-32612HistoryJun 30, 2023 - 5:15 a.m.
CVE-2023-32612
2023-06-3005:15:09
jpcert
web.nvd.nist.gov
19
cve-2023-32612
security issue
wl-wn531ax2
firmware
admin privilege
os command execution
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
48.3%
Client-side enforcement of server-side security issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow an attacker with an administrative privilege to execute OS commands with the root privilege.
Affected configurations
Node
wavlinkwl-wn531ax2Match-
wavlinkwl-wn531ax2_firmwareRange<2023526
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wavlink | wl-wn531ax2 | - | cpe:2.3:h:wavlink:wl-wn531ax2:-:*:*:*:*:*:*:* |
| wavlink | wl-wn531ax2_firmware | * | cpe:2.3:o:wavlink:wl-wn531ax2_firmware:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "WAVLINK TECHNOLOGY Ltd.",
"product": "WL-WN531AX2",
"versions": [
{
"version": "firmware versions prior to 2023526",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2023-32612
2023-06-30 05:15:09
prion
prion
Design/Logic Flaw
2023-06-30 05:15:00
cvelist
cvelist
CVE-2023-32612
2023-06-30 04:01:42
jvn
jvn
JVN#78634340: Multiple vulnerabilities in WAVLINK WL-WN531AX2
2023-06-27 00:00:00
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
48.3%
Related for CVE-2023-32612