Shodan
Vulnerabilities
Vulnerable Software
Wavlink:  >> Wn535g3  Security Vulnerabilities
CVE-2022-35521
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled and blockSynFloodEnabled, which leads to command injection in page /man_security.shtml.
CVSS Score
9.8
EPSS Score
0.006
Published
2022-08-10
CVE-2022-35522
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp_passwd, rwan_gateway, rwan_mask and rwan_ip, which leads to command injection in page /wan.shtml.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-08-10
CVE-2022-35523
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter del_mac and parameter flag, which leads to command injection in page /cli_black_list.shtml.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-08-10
CVE-2022-35517
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: web_pskValue, wl_Method, wlan_ssid, EncrypType, rwan_ip, rwan_mask, rwan_gateway, ppp_username, ppp_passwd and ppp_setver, which leads to command injection in page /wizard_router_mesh.shtml.
CVSS Score
8.8
EPSS Score
0.005
Published
2022-08-10
CVE-2022-35518
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and User1, which leads to command injection in page /nas_disk.shtml.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-08-10
CVE-2022-35519
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_mac, which leads to command injection in page /cli_black_list.shtml.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-08-10
CVE-2022-34576
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.
CVSS Score
7.5
EPSS Score
0.527
Published
2022-07-25
CVE-2022-34577
A vulnerability in adm.cgi of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.
CVSS Score
9.8
EPSS Score
0.009
Published
2022-07-25
CVE-2022-31845
A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVSS Score
7.5
EPSS Score
0.79
Published
2022-06-14
CVE-2022-31846
A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVSS Score
7.5
EPSS Score
0.57
Published
2022-06-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved