CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

53 matches found

RedhatCVE•added 2026/01/09 10:41 a.m.•8 views

CVE-2022-35535

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifimesh.shtml...

9.8CVSS7.5AI score0.02302EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:41 a.m.•6 views

CVE-2022-35526

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml...

9.8CVSS7.5AI score0.02302EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:41 a.m.•8 views

CVE-2022-35537

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac5g and Newname, which leads to command injection in page /wifimesh.shtml...

9.8CVSS7.5AI score0.02238EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:40 a.m.•10 views

CVE-2022-35520

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, and this is a hidden parameter which doesn't appear in POST body, but exist in cgi binary. This leads to command injection in page /ledonoff.shtml...

9.8CVSS7.4AI score0.02302EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:40 a.m.•7 views

CVE-2022-35524

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlansignal, webpskValue, selEncrypTyp, selAutomode, wlanbssid, wlanssid and wlanchannel, which leads to command injection in page /wizardrep.shtml...

9.8CVSS7.5AI score0.02302EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:40 a.m.•7 views

CVE-2022-35538

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: deletelist, deletealmac, bdeletelist and bdeletealmac, which leads to command injection in page /wifimesh.shtml...

9.8CVSS7.5AI score0.02238EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:39 a.m.•7 views

CVE-2022-35525

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameter ledswitch, which leads to command injection in page /ledonoff.shtml...

9.8CVSS7.4AI score0.02404EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:39 a.m.•8 views

CVE-2022-35536

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qosbandwith and qosdat, which leads to command injection in page /qos.shtml...

9.8CVSS7.5AI score0.02238EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:39 a.m.•7 views

CVE-2022-35518

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and User1, which leads to command injection in page /nasdisk.shtml...

9.8CVSS7.3AI score0.01509EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:57 a.m.•24 views

CVE-2020-12266

An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. The devices automatically query these pages to update dashboards and other statistics, but the pages can be accessed...

7.5CVSS6.7AI score0.01722EPSS

Exploits0References1