CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

RedhatCVE•added 2025/05/22 3:48 p.m.•5 views

CVE-2020-10972

An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page a certain live?.shtml page with the variable syspasswd. Affected Devices: Wavlink WN530HG4, Wavlink...

7.5CVSS7.4AI score0.00305EPSS

Exploits0References1

OSV•added 2024/10/27 9:15 p.m.•1 views

CVE-2024-10429

A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. Affected is the function setipv6 of the file internet.cgi. The manipulation of the argument IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAddr leads to command injection. It is possible to...

7.2CVSS5.5AI score0.32875EPSS

Exploits1References4

NVD•added 2024/10/27 9:15 p.m.•8 views

CVE-2024-10428

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been rated as critical. This issue affects the function setipv6 of the file firewall.cgi. The manipulation of the argument dhcpGateway leads to command injection. The attack may be initiated remotely. The...

8.6CVSS0.01262EPSS

Exploits1References4

CVE•added 2024/10/27 9:0 p.m.•58 views

CVE-2024-10429

The CVE-2024-10429 entry concerns WAVLINK WN530H4, WN530HG4 and WN572HG3 devices. Affected is the function set_ipv6 in the file internet.cgi, where manipulation of the IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAddr arguments leads to command injection. The issue enables remote execution and has b...

8.6CVSS7.4AI score0.32875EPSS

Exploits1References4Affected Software1

Cvelist•added 2024/10/27 9:0 p.m.•18 views

CVE-2024-10429 WAVLINK WN530H4/WN530HG4/WN572HG3 internet.cgi set_ipv6 command injection

8.6CVSS0.32875EPSS

Exploits1References4

CNNVD•added 2024/10/27 12:0 a.m.•2 views

WAVLINK多款产品命令注入漏洞

WAVLINK WN530HG4 and others are products of China RuiYin WAVLINK Company.WAVLINK WN530HG4 is a wireless router.WAVLINK WN530H4 is a router.WAVLINK WN572HG3 is a wireless router. A command injection vulnerability exists in several WAVLINK products. The vulnerability stems from the parameter...

8.6CVSS7.3AI score0.32875EPSS

Exploits1References4

CNNVD•added 2024/10/27 12:0 a.m.•2 views

WAVLINK多款产品命令注入漏洞

8.6CVSS7.3AI score0.01262EPSS

Exploits1References4

NVD•added 2024/10/20 8:15 a.m.•14 views

CVE-2024-10194

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as critical. Affected is the function Gotochidx of the file login.cgi of the component Front-End Authentication Page. The manipulation of the argument wlanUrl leads to stack-based buffer...

8.8CVSS0.00131EPSS

Exploits1References4

Vulnrichment•added 2024/10/20 8:0 a.m.•10 views

CVE-2024-10194 WAVLINK WN530H4/WN530HG4/WN572HG3 Front-End Authentication Page login.cgi Goto_chidx stack-based overflow

8.8CVSS6.8AI score0.00131EPSS

Exploits1References4

CVE•added 2024/10/20 8:0 a.m.•44 views

CVE-2024-10194

CVE-2024-10194 affects WAVLINK WN530H4, WN530HG4 and WN572HG3 (up to 20221028). The issue is in the Front-End Authentication Page, specifically the function Goto_chidx in the file login.cgi . Manipulating the argument wlanUrl causes a stack-based buffer overflow. Exploitation is possible only wit...

8.8CVSS8.8AI score0.00131EPSS

Exploits1References4Affected Software1

Cvelist•added 2024/10/20 8:0 a.m.•14 views

CVE-2024-10194 WAVLINK WN530H4/WN530HG4/WN572HG3 Front-End Authentication Page login.cgi Goto_chidx stack-based overflow

8.8CVSS0.00131EPSS

Exploits1References4

CVE•added 2024/10/20 7:31 a.m.•49 views

CVE-2024-10193

The CVE-2024-10193 issue affects WAVLINK WN530H4, WN530HG4, and WN572HG3 up to 20221028, with a vulnerability in the ping_ddns function of internet.cgi. The DDNS parameter manipulation enables command injection, and the attack may be initiated remotely; exploits have been disclosed publicly. Conn...

7.2CVSS5.6AI score0.00697EPSS

Exploits1References4Affected Software1

CNNVD•added 2024/10/20 12:0 a.m.•1 views

WAVLINK WL-WN530H4、WN530HG4和WN572HG3 安全漏洞

WAVLINK WN530HG4 and others are products of RuiYin Technology WAVLINK, China.WAVLINK WN530HG4 is a wireless router.WAVLINK WL-WN530H4 is a router.WAVLINK WN572HG3 is a wireless router. A security vulnerability exists in the WAVLINK WL-WN530H4, WN530HG4, and WN572HG3, which stems from the fact tha...

8.8CVSS8.9AI score0.00131EPSS

Exploits1References6

Positive Technologies•added 2024/10/12 12:0 a.m.•2 views

PT-2024-16107 · Wavlink · Wavlink Wn572Hp3 +1

Name of the Vulnerable Software and Affected Versions: WAVLINK WN530H4, WN530HG4, and WN572HG3 versions up to 20221028 Description: A critical issue affects the Front-End Authentication Page, specifically the function Goto chidx of the file login.cgi. The manipulation of the argument wlanUrl lead...

8.8CVSS7.4AI score0.00131EPSS

Exploits1References14

OSV•added 2020/05/07 6:15 p.m.•3 views

CVE-2020-10972

7.5CVSS7.2AI score0.00305EPSS

Exploits0References4

NVD•added 2020/05/07 6:15 p.m.•6 views

CVE-2020-10972

7.5CVSS7.8AI score0.00305EPSS

Exploits0References4

Prion•added 2020/05/07 6:15 p.m.•12 views

Authentication flaw

5CVSS7.7AI score0.00305EPSS

Exploits0References4Affected Software1

Cvelist•added 2020/05/07 5:51 p.m.•12 views

CVE-2020-10972

7.8AI score0.00305EPSS

Exploits0References4

CVE•added 2020/05/07 5:51 p.m.•50 views

CVE-2020-10972

CVE-2020-10972 describes an information-disclosure flaw where an unauthenticated page exposes the current administrator password in cleartext within the page source (live_?.shtml with the variable syspasswd). Affected devices include Wavlink WN530HG4, WN531G3, and WN572HG3. Public sources in the ...

7.5CVSS7.7AI score0.00305EPSS

Exploits0References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by