Wn551k1 Firmware Security Vulnerabilities and Issues — Wn551k1 Firmware CVE List

Lucene search

WavlinkWn551k1 Firmware

7 matches found

CVE•added 2024/06/24 9:15 p.m.•44 views

CVE-2024-38896

WAVLINK WN551K1 found a command injection vulnerability through the start_hour parameter of /cgi-bin/nightled.cgi.

5.3CVSS7.5AI score0.07757EPSS

CVE•added 2020/05/07 6:15 p.m.•43 views

CVE-2020-10973

An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configuration of the device, including the administrator password. No authentication is required. The attacker ...

7.5CVSS7.4AI score0.23523EPSS

CVE•added 2020/04/27 3:15 p.m.•38 views

CVE-2020-12266

An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. The devices automatically query these pages to update dashboards and other statistics, but the pages can be accessed external...

7.5CVSS8.6AI score0.00423EPSS

CVE•added 2024/06/24 9:15 p.m.•37 views

CVE-2024-38894

WAVLINK WN551K1 found a command injection vulnerability through the IP parameter of /cgi-bin/touchlist_sync.cgi.

5.3CVSS7.7AI score0.05866EPSS

CVE•added 2024/06/24 9:15 p.m.•36 views

CVE-2024-38895

WAVLINK WN551K1'live_mfg.shtml enables attackers to obtain sensitive router information.

5.3CVSS6.7AI score0.0013EPSS

CVE•added 2024/06/24 9:15 p.m.•35 views

CVE-2024-38897

WAVLINK WN551K1'live_check.shtml enables attackers to obtain sensitive router information.

5.3CVSS6.9AI score0.0013EPSS

CVE•added 2024/06/24 9:15 p.m.•34 views

CVE-2024-38892

An issue in Wavlink WN551K1 allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component.

6.5CVSS6.5AI score0.00096EPSS