24 matches found
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things IoT devices and web applications to enroll them into a botnet known as RondoDox. As of December 2025, the activity has been observed leveraging the recently disclosed...
EUVD-2024-33110
Malicious code in bioql PyPI...
The vulnerability of the sys_login function in the /cgi-bin/login.cgi script of the WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3, and WL-WN576K1 routers allows a hacker to execute arbitrary code.
The vulnerability of the syslogin function in the /cgi-bin/login.cgi script of the WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3, and WL-WN576K1 routers is related to the copying of buffers without checking the size of the input data during the processing of the loginpage...
WAVLINK多款产品 安全漏洞
WAVLINK is a router from China Ruiyin WAVLINK. It is a hardware device that connects two or more networks and acts as a gateway between networks. A security vulnerability exists in several WAVLINK products, which originates from a buffer overflow in the parameter loginpage in the file...
CVE-2022-35517
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: webpskValue, wlMethod, wlanssid, EncrypType, rwanip, rwanmask, rwangateway, pppusername, ppppasswd and pppsetver, which leads to command injection in page /wizardroutermesh.shtml...
The vulnerability of the ping_ddns() function in the internet.cgi scenario of the Wavlink WN530H4, WN530HG4, and WN572HG3 routers allows attackers to execute arbitrary commands.
The vulnerability of the pingddns function in the internet.cgi scenario of the Wavlink WN530H4, WN530HG4, and WN572HG3 routers is related to the lack of data cleaning at the management level when processing DDNS parameters. Exploiting this vulnerability allows a remote attacker to execute arbitra...
The vulnerability of the openvpn_server_setup() function in the openvpn.cgi scenario of the Wavlink AC3000 (WL-WN533A8) router microprogramming software allows a hacker to circumvent existing security restrictions.
The vulnerability of the openvpnserversetup function in the openvpn.cgi script of the Wavlink AC3000 WL-WN533A8 router software is related to errors in system configuration or settings. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by sending...
WAVLINK多款产品 命令注入漏洞
WAVLINK WN530HG4 and others are products of China RuiYin WAVLINK Company.WAVLINK WN530HG4 is a wireless router.WAVLINK WN530H4 is a router.WAVLINK WN572HG3 is a wireless router. A command injection vulnerability exists in several WAVLINK products. The vulnerability stems from the parameter...
CVE-2024-10194
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as critical. Affected is the function Gotochidx of the file login.cgi of the component Front-End Authentication Page. The manipulation of the argument wlanUrl leads to stack-based buffer...
CVE-2024-10193
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical. This issue affects the function pingddns of the file internet.cgi. The manipulation of the argument DDNS leads to command injection. The attack may be initiated remotely. The exploit has...
CVE-2024-10193 WAVLINK WN530H4/WN530HG4/WN572HG3 internet.cgi ping_ddns command injection
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical. This issue affects the function pingddns of the file internet.cgi. The manipulation of the argument DDNS leads to command injection. The attack may be initiated remotely. The exploit has...
WAVLINK WL-WN530H4、WN530HG4和WN572HG3 安全漏洞
WAVLINK WN530HG4 and others are products of RuiYin Technology WAVLINK, China.WAVLINK WN530HG4 is a wireless router.WAVLINK WL-WN530H4 is a router.WAVLINK WN572HG3 is a wireless router. A security vulnerability exists in the WAVLINK WL-WN530H4, WN530HG4, and WN572HG3, which stems from the fact tha...
WAVLINK WN530H4、WN530HG4和WN572HG3 命令注入漏洞
WAVLINK WN530HG4 and others are products of RuiYin Technology WAVLINK, China.WAVLINK WN530HG4 is a wireless router.WAVLINK WL-WN530H4 is a router.WAVLINK WN572HG3 is a wireless router. A command injection vulnerability exists in WAVLINK WN530H4, WN530HG4, and WN572HG3, which stems from the fact...
CVE-2022-35535
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifimesh.shtml...
CVE-2022-35521
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled and blockSynFloodEnabled, which leads to command injection in page /mansecurity.shtml...
Command injection
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlansignal, webpskValue, selEncrypTyp, selAutomode, wlanbssid, wlanssid and wlanchannel, which leads to command injection in page /wizardrep.shtml...
多款WAVLINK产品安全漏洞
WAVLINK AC1200 and so on are the products of China RuiYin Technology WAVLINK company.WAVLINK AC1200 is a dual-band high-power wireless router.WAVLINK WL-WN531P3 is a wireless router.WAVLINK WN533A8 is a wireless router.WAVLINK WN572HP3, WN530H4, WN535G3, WN531P3 AC1200 version has a security...
多款WAVLINK产品安全漏洞
WAVLINK AC1200 and so on are products of China RuiYin Technology WAVLINK company.WAVLINK AC1200 is a dual-band high-power wireless router.WAVLINK WL-WN531P3 is a wireless router.WAVLINK WN533A8 is a wireless router. A security vulnerability exists in the WAVLINK WN572HP3, WN533A8, WN530H4, WN535G...
多款WAVLINK产品安全漏洞
WAVLINK AC1200 and others are products of China RuiYin Technology WAVLINK.WAVLINK AC1200 is a dual-band high power wireless router.WAVLINK WL-WN531P3 is a wireless router.WAVLINK WN533A8 is a wireless router. A security vulnerability exists in WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3...
多款WAVLINK产品安全漏洞
WAVLINK AC1200 and so on are products of China RuiYin Technology WAVLINK company.WAVLINK AC1200 is a dual-band high-power wireless router.WAVLINK WL-WN531P3 is a wireless router.WAVLINK WN533A8 is a wireless router. A security vulnerability exists in WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3,...