CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-2487

A vulnerability has been found in WAVLINK WN535K2 and WN535K3 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/nightled.cgi. The manipulation of the argument start_hour leads to os command injection. The exploit has been disclosed to the public and may be used.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.942

EPSS Ranking 99.9%

CVSS Severity

CVSS v3 Score 8.0

References

https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20nightled.cgi%20.md
https://vuldb.com/?id.204538
https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20nightled.cgi%20.md
https://vuldb.com/?id.204538

Products affected by CVE-2022-2487

Wavlink » Wl-Wn535k2 » Version: N/A

cpe:2.3:h:wavlink:wl-wn535k2:-
Wavlink » Wl-Wn535k3 » Version: N/A

cpe:2.3:h:wavlink:wl-wn535k3:-
Wavlink » Wl-Wn535k2 Firmware » Version: N/A

cpe:2.3:o:wavlink:wl-wn535k2_firmware:-
Wavlink » Wl-Wn535k3 Firmware » Version: N/A

cpe:2.3:o:wavlink:wl-wn535k3_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-2487

Products

Pricing

Contact Us