CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-23900

A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3.V5030.201204, allows an attacker to achieve unauthorized remote code execution via a malicious POST request through /cgi-bin/adm.cgi.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.058

EPSS Ranking 90.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://stigward.medium.com/wavlink-command-injection-cve-2022-23900-51988f6f15df
https://www.wavlink.com/en_us/product/WL-WN531P3.html
https://stigward.medium.com/wavlink-command-injection-cve-2022-23900-51988f6f15df
https://www.wavlink.com/en_us/product/WL-WN531P3.html

Products affected by CVE-2022-23900

Wavlink » Wl-Wn531p3 » Version: N/A

cpe:2.3:h:wavlink:wl-wn531p3:-
Wavlink » Wl-Wn531p3 Firmware » Version: m31g3.v5030.201204

cpe:2.3:o:wavlink:wl-wn531p3_firmware:m31g3.v5030.201204

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-23900

Products

Pricing

Contact Us