CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2022/08/10 8:15 p.m.•9 views

CVE-2022-35533

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: clilist and clinum, which leads to command injection in page /qos.shtml...

9.8CVSS0.02302EPSS

NVD•added 2022/08/10 8:15 p.m.•24 views

CVE-2022-35526

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml...

9.8CVSS0.02302EPSS

NVD•added 2022/08/10 8:15 p.m.•15 views

CVE-2022-35520

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, and this is a hidden parameter which doesn't appear in POST body, but exist in cgi binary. This leads to command injection in page /ledonoff.shtml...

9.8CVSS0.02302EPSS

ATTACKERKB•added 2022/08/10 8:15 p.m.•6 views

CVE-2022-35517

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: webpskValue, wlMethod, wlanssid, EncrypType, rwanip, rwanmask, rwangateway, pppusername, ppppasswd and pppsetver, which leads to command injection in page /wizardroutermesh.shtml...

8.8CVSS7.3AI score0.02251EPSS

Prion•added 2022/08/10 8:15 p.m.•13 views

Command injection

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: clilist and clinum, which leads to command injection in page /qos.shtml...

7.5CVSS9.7AI score0.02302EPSS

Prion•added 2022/08/10 8:15 p.m.•11 views

Command injection

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac5g and Newname, which leads to command injection in page /wifimesh.shtml...

7.5CVSS9.7AI score0.02238EPSS

CNNVD•added 2022/08/10 12:0 a.m.•4 views

多款WAVLINK产品安全漏洞

WAVLINK AC1200 is a dual-band high power wireless router.WAVLINK WL-WN531P3 is a wireless router.WAVLINK WN533A8 is a wireless router.WAVLINK WL-WN531P3 is a wireless router.WAVLINK WN533A8 is a wireless router.WAVLINK WN533A8 is a wireless router.WAVLINK WN533A8 is a wireless router.WAVLINK...

9.8CVSS8.3AI score0.02302EPSS

CNNVD•added 2022/08/10 12:0 a.m.•1 views

多款WAVLINK产品安全漏洞

WAVLINK AC1200 and others are products of China RuiYin Technology WAVLINK.WAVLINK AC1200 is a dual-band high-power wireless router.WAVLINK WL-WN531P3 is a wireless router.WAVLINK WN533A8 is a wireless router. A security vulnerability exists in WAVLINK that stems from its qos.cgi component that do...

9.8CVSS8.3AI score0.02238EPSS

CNNVD•added 2022/08/10 12:0 a.m.•4 views

WAVLINK WL-WN531P3和WAVLINK WN533A8 安全漏洞

WAVLINK WL-WN531P3 and WAVLINK WN533A8 are both products of China RuiYin Technology WAVLINK.WAVLINK WL-WN531P3 is a wireless router.WAVLINK WN533A8 is a wireless router. A security vulnerability exists in WAVLINK, which stems from the unfiltered parameters mac5g and Newname in its wireless.cgi...

9.8CVSS8.3AI score0.02238EPSS

CVE•added 2022/08/09 7:59 p.m.•61 views

CVE-2022-35517

CVE-2022-35517 affects WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3 and WN531P3 due to lack of input filtering in adm.cgi. The vulnerability, described as unfiltered parameters web_pskValue, wl_Method, wlan_ssid, EncrypType, rwan_ip, rwan_mask, rwan_gateway, ppp_username, ppp_passwd, ppp_setver, e...

8.8CVSS8.9AI score0.02251EPSS

CVE•added 2022/08/09 7:56 p.m.•61 views

CVE-2022-35518

The CVE-2022-35518 issue affects WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, and WN531P3 devices where nas.cgi does not filter parameters User1Passwd and User1 in /nas_disk.shtml, enabling command injection. Concrete details in connected sources show the root cause as unfiltered input leading to...

9.8CVSS8.9AI score0.01509EPSS

CVE•added 2022/08/09 7:55 p.m.•52 views

CVE-2022-35519

The CVE-2022-35519 issue affects WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, and WN531P3. Root cause: firewall.cgi does not filter the add_mac parameter, enabling command injection on the /cli_black_list.shtml page. Impact details are stated in the connected Red Hat and CVE records, indicating t...

Cvelist•added 2022/08/09 7:53 p.m.•16 views

CVE-2022-35520

9.9AI score0.02302EPSS

CVE•added 2022/08/09 7:53 p.m.•522 views

CVE-2022-35520

CVE-2022-35520 affects WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, and WN531P3 where the api.cgi component does not filter the hidden ufconf parameter, which exists in the CGI binary but not in POST data, enabling command injection on the /ledonoff.shtml page. Public references in the connected ...

Cvelist•added 2022/08/09 7:52 p.m.•15 views

CVE-2022-35521

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled and blockSynFloodEnabled, which leads to command injection in page /mansecurity.shtml...

10AI score0.02302EPSS

Cvelist•added 2022/08/09 7:50 p.m.•13 views

CVE-2022-35523

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter delmac and parameter flag, which leads to command injection in page /cliblacklist.shtml...

10AI score0.02302EPSS

CVE•added 2022/08/09 7:50 p.m.•55 views

CVE-2022-35523

CVE-2022-35523 affects WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, and WN531P3. The vulnerability is due to no filtering on the del_mac and flag parameters in the firewall.cgi, enabling command injection via the /cli_black_list.shtml page. The root cause is improper input validation in the firew...

CVE•added 2022/08/09 7:49 p.m.•49 views

CVE-2022-35524

The CVE-2022-35524 issue affects WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, and WN531P3 devices. Root cause: adm.cgi lacks filtering on multiple parameters (wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode, wlan_bssid, wlan_ssid, wlan_channel), enabling command injection on the /wizard_re...