CVE-2022-40621

Because the WAVLINK Quantum D4G WN531G3 running firmware version M31G3.V5030.200325 and earlier communicates over HTTP and not HTTPS, and because the hashing mechanism does not rely on a server-supplied key, it is possible for an attacker with sufficient network access to capture the hashed...

WAVLINK WN531G3 安全漏洞

The WAVLINK WN531G3 is a wireless router from China-based RuiYin Technology WAVLINK. A security vulnerability exists in the WAVLINK WN531G3 firmware version M31G3.V5030.200325 and earlier versions, which originates from communication over HTTP instead of HTTPS, and because the hashing mechanism...

WAVLINK WN531G3 授权问题漏洞

The WAVLINK WN531G3 is a wireless router from the Chinese company WAVLINK. A security vulnerability exists in the WAVLINK WN531G3 firmware version M31G3.V5030.200325 and prior versions, which stems from the use of an IP address to maintain a session and does not use a session token, and can be...

WAVLINK WN531G3 跨站请求伪造漏洞

The WAVLINK WN531G3 is a wireless router from China-based RuiYin Technology WAVLINK. A security vulnerability exists in WAVLINK WN531G3 firmware version M31G3.V5030.200325 and prior versions, which stems from the non-use of anti-CSRF tokens, and when used in conjunction with other issues such as...

CVE-2022-40623

The WAVLINK Quantum D4G WN531G3 running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues such as CVE-2022-35518, can lead to remote, unauthenticated command execution...