26 matches found
EUVD-2022-37078
Malicious code in bioql PyPI...
CVE-2022-34046
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IPADDRESS/sysinit.shtml?r=52300 and searching for logincheckuser;...
CVE-2022-34048
Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting XSS vulnerability via the loginpage parameter...
CVE-2022-35518
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and User1, which leads to command injection in page /nasdisk.shtml...
PT-2022-22880 · Wavlink · Wavlink Wn533A8 +4
Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue is related to a lack of filtering on parameters: User1Passwd and User1 in the nas.cgi file, which leads to command injection in the /nas...
PT-2022-22879 · Wavlink · Wavlink Wn530H4 +4
Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue concerns the lack of filtering on certain parameters in the adm.cgi file, specifically: web pskValue, wl Method, wlan ssid, EncrypType, rw...
PT-2022-22887 · Wavlink · Wavlink Wn533A8 +4
Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue is related to a lack of filtering on parameters in the adm.cgi file, which leads to command injection in the /wizard rep.shtml page. The...
PT-2022-22891 · Wavlink · Wavlink Wn530H4 +4
Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue affects the qos.cgi page, specifically the /qos.shtml endpoint, where the cli list and cli num parameters have no filtering, leading to...
PT-2022-22884 · Wavlink · Wavlink Wn533A8 +4
Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue is related to the firewall.cgi having no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled,...
Wavlink WN533A8 Cross Site Scripting
Exploit Title: Wavlink WN533A8 - Cross-Site Scripting XSS Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34048 Tested on: Windows Poc code history.pushState'', '', '/'...
Wavlink WN533A8 Password Disclosure
Exploit Title: Wavlink WN533A8 - Password Disclosure Date: 2022-06-12 Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34046 Tested on: Windows Exploit...
Wavlink WN533A8 - Cross-Site Scripting Vulnerability
Exploit Title: Wavlink WN533A8 - Cross-Site Scripting XSS Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34048 Tested on: Windows Poc code history.pushState'', '', '/'...
Wavlink WN533A8 - Password Disclosure Vulnerability
Exploit Title: Wavlink WN533A8 - Password Disclosure Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34046 Tested on: Windows Exploit view-source:http://IPADDRESS/sysinit.shtml search for...
Wavlink WN533A8 - Password Disclosure
Exploit Title: Wavlink WN533A8 - Password Disclosure Date: 2022-06-12 Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34046 Tested on: Windows Exploit...
Wavlink WN533A8 - Cross-Site Scripting (XSS)
Exploit Title: Wavlink WN533A8 - Cross-Site Scripting XSS Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34048 Tested on: Windows Poc code history.pushState'', '', '/'...
CVE-2022-34046
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IPADDRESS/sysinit.shtml?r=52300 and searching for logincheckuser;...
CVE-2022-34048
Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting XSS vulnerability via the loginpage parameter...
CVE-2022-34046
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IPADDRESS/sysinit.shtml?r=52300 and searching for logincheckuser;...
CVE-2022-34046
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IPADDRESS/sysinit.shtml?r=52300 and searching for logincheckuser;...
CVE-2022-34048
Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting XSS vulnerability via the loginpage parameter...