Lucene search
K

36 matches found

GithubExploit
GithubExploit
added 2026/03/19 3:57 p.m.73 views

WAVLINK-WN530H4-Command-Injection-in-set_add_routing

WAVLINK-WN...

5.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:56 a.m.14 views

CVE-2020-12127

An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication...

7.5CVSS6.3AI score0.07401EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:56 a.m.20 views

CVE-2020-12124

A remote command-line injection vulnerability in the /cgi-bin/liveapi.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication...

10CVSS8.1AI score0.7465EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-4438

Malware in sbrugna...

8.1CVSS8AI score0.00425EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 5:49 p.m.19 views

CVE-2020-12126

Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint...

9.8CVSS7.5AI score0.0129EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:11 p.m.9 views

CVE-2020-12125

A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication...

10CVSS8.1AI score0.03608EPSS
Exploits0
OSV
OSV
added 2024/10/27 9:15 p.m.3 views

CVE-2024-10429

A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. Affected is the function setipv6 of the file internet.cgi. The manipulation of the argument IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAddr leads to command injection. It is possible to...

7.2CVSS5.5AI score0.17215EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/10/27 9:0 p.m.54 views

CVE-2024-10429 WAVLINK WN530H4/WN530HG4/WN572HG3 internet.cgi set_ipv6 command injection

A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. Affected is the function setipv6 of the file internet.cgi. The manipulation of the argument IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAddr leads to command injection. It is possible to...

8.6CVSS0.17215EPSS
Exploits1References4
CVE
CVE
added 2024/10/27 9:0 p.m.65 views

CVE-2024-10429

The CVE-2024-10429 entry concerns WAVLINK WN530H4, WN530HG4 and WN572HG3 devices. Affected is the function set_ipv6 in the file internet.cgi, where manipulation of the IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAddr arguments leads to command injection. The issue enables remote execution and has b...

8.6CVSS7.4AI score0.17215EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2024/10/27 12:0 a.m.6 views

WAVLINK多款产品 命令注入漏洞

WAVLINK WN530HG4 and others are products of China RuiYin WAVLINK Company.WAVLINK WN530HG4 is a wireless router.WAVLINK WN530H4 is a router.WAVLINK WN572HG3 is a wireless router. A command injection vulnerability exists in several WAVLINK products. The vulnerability stems from the parameter...

8.6CVSS7.3AI score0.17215EPSS
Exploits1References4
VulnCheck KEV
VulnCheck KEV
added 2024/03/30 12:0 a.m.2 views

VulnCheck KEV: CVE-2020-12124

A remote command-line injection vulnerability in the /cgi-bin/liveapi.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication...

10CVSS7.5AI score0.7465EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.13 views

PT-2022-22879 · Wavlink · Wavlink Wn530H4 +4

Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue concerns the lack of filtering on certain parameters in the adm.cgi file, specifically: web pskValue, wl Method, wlan ssid, EncrypType, rw...

8.8CVSS8.9AI score0.02251EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.7 views

PT-2022-22891 · Wavlink · Wavlink Wn530H4 +4

Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue affects the qos.cgi page, specifically the /qos.shtml endpoint, where the cli list and cli num parameters have no filtering, leading to...

9.8CVSS9.7AI score0.02302EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.9 views

PT-2022-22887 · Wavlink · Wavlink Wn533A8 +4

Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue is related to a lack of filtering on parameters in the adm.cgi file, which leads to command injection in the /wizard rep.shtml page. The...

9.8CVSS9.6AI score0.02302EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.11 views

PT-2022-22880 · Wavlink · Wavlink Wn533A8 +4

Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue is related to a lack of filtering on parameters: User1Passwd and User1 in the nas.cgi file, which leads to command injection in the /nas...

9.8CVSS9AI score0.01509EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.8 views

PT-2022-22884 · Wavlink · Wavlink Wn533A8 +4

Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue is related to the firewall.cgi having no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled,...

9.8CVSS9.6AI score0.02302EPSS
Exploits1References4
NVD
NVD
added 2020/10/02 9:15 a.m.23 views

CVE-2020-12125

A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication...

10CVSS0.03608EPSS
Exploits0References2
NVD
NVD
added 2020/10/02 9:15 a.m.25 views

CVE-2020-12127

An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication...

7.5CVSS0.07401EPSS
Exploits0References2
NVD
NVD
added 2020/10/02 9:15 a.m.42 views

CVE-2020-12124

A remote command-line injection vulnerability in the /cgi-bin/liveapi.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication...

10CVSS0.7465EPSS
Exploits0References2
NVD
NVD
added 2020/10/02 9:15 a.m.16 views

CVE-2020-12123

CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to remotely access router endpoints, because these endpoints do not contain CSRF tokens. If a user is authenticated in the router portal, then this attack will work...

8.1CVSS0.00425EPSS
Exploits0References2
Rows per page
Query Builder