Lucene search
MitreCVE-2023-38861HistoryAug 15, 2023 - 7:15 p.m.
CVE-2023-38861
2023-08-1519:15:10
CWE-77
mitre
web.nvd.nist.gov
22
wavlink
wl_wnj575a3
remote code execution
username parameter
security vulnerability
cve-2023-38861
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.005
Percentile
77.6%
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.
Affected configurations
Node
wavlinkwl-wn575a3_firmwareMatchr75a3_v1410_220513
wavlinkwl-wn575a3Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wavlink | wl-wn575a3_firmware | r75a3_v1410_220513 | cpe:2.3:o:wavlink:wl-wn575a3_firmware:r75a3_v1410_220513:*:*:*:*:*:*:* |
| wavlink | wl-wn575a3 | - | cpe:2.3:h:wavlink:wl-wn575a3:-:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2023-08-15 19:15:00
cvelist
cvelist
CVE-2023-38861
2023-08-15 00:00:00
nvd
nvd
CVE-2023-38861
2023-08-15 19:15:10
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.005
Percentile
77.6%
Related for CVE-2023-38861