8 matches found
CVE-2022-2488
A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlistsync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used...
Wavlink AC3000 touchlist_sync.cgi main() arbitrary code execution vulnerability
Talos Vulnerability Report TALOS-2024-1999 Wavlink AC3000 touchlistsync.cgi main arbitrary code execution vulnerability January 14, 2025 CVE Number CVE-2022-2488 SUMMARY An arbitrary code execution vulnerability exists in the touchlistsync.cgi main functionality of Wavlink AC3000...
Wavlink Routers Command Injection (CVE-2022-2486; CVE-2022-2488)
A command injection vulnerability exists in Wavlink Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2022-2488
creationtimestamp| type| source ---|---|--- 2022-07-20 16:20:00+00:00| seen| https://t.me/cibsecurity/46642 2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26 2025-01-31 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-31...
CVE-2022-2488
A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlistsync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used...
CVE-2022-2488 WAVLINK WN535K2/WN535K3 touchlist_sync.cgi os command injection
A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlistsync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used...
CVE-2022-2488
Summary: CVE-2022-2488 affects WAVLINK WN535K2 and WN535K3 routers. The issue is an OS command injection in the web endpoint /cgi-bin/touchlist_sync.cgi triggered by manipulating the IP parameter. Affected software: WAVLINK WN535K2/WN535K3 (router firmware). Root cause / vulnerability detail (as ...
CVE-2022-2488 WAVLINK WN535K2/WN535K3 touchlist_sync.cgi os command injection
A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlistsync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used...