Lucene search
HistoryJul 25, 2022 - 10:15 p.m.
CVE-2022-34576
vulnerability
wavlink wn535 g3
execution
arbitrary code
post request
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.024
Percentile
90.2%
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.
Affected configurations
Node
wavlinkwn535g3_firmwareMatchm35g3r.v5030.180927
wavlinkwn535g3Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wavlink | wn535g3_firmware | m35g3r.v5030.180927 | cpe:2.3:o:wavlink:wn535g3_firmware:m35g3r.v5030.180927:*:*:*:*:*:*:* |
| wavlink | wn535g3 | - | cpe:2.3:h:wavlink:wn535g3:-:*:*:*:*:*:*:* |
Related
nuclei
nuclei
WAVLINK WN535 G3 - Improper Access Control
2022-08-14 20:19:06
cvelist
cvelist
CVE-2022-34576
2022-07-25 21:37:25
prion
prion
Cross site request forgery (csrf)
2022-07-25 22:15:00
cve
cve
CVE-2022-34576
2022-07-25 22:15:08
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.024
Percentile
90.2%
Related for NVD:CVE-2022-34576