Shodan
Vulnerabilities
Vulnerable Software
Wavlink:  Security Vulnerabilities
CVE-2022-35522
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp_passwd, rwan_gateway, rwan_mask and rwan_ip, which leads to command injection in page /wan.shtml.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-08-10
CVE-2022-35523
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter del_mac and parameter flag, which leads to command injection in page /cli_black_list.shtml.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-08-10
CVE-2022-35517
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: web_pskValue, wl_Method, wlan_ssid, EncrypType, rwan_ip, rwan_mask, rwan_gateway, ppp_username, ppp_passwd and ppp_setver, which leads to command injection in page /wizard_router_mesh.shtml.
CVSS Score
8.8
EPSS Score
0.005
Published
2022-08-10
CVE-2022-35518
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and User1, which leads to command injection in page /nas_disk.shtml.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-08-10
CVE-2022-35519
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_mac, which leads to command injection in page /cli_black_list.shtml.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-08-10
CVE-2022-34570
WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an information leak which allows attackers to obtain the key information via accessing the messages.txt page.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-07-25
CVE-2022-34571
An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the system key information and execute arbitrary commands via accessing the page syslog.shtml.
CVSS Score
8.0
EPSS Score
0.001
Published
2022-07-25
CVE-2022-34572
An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the telnet password via accessing the page tftp.txt.
CVSS Score
5.7
EPSS Score
0.001
Published
2022-07-25
CVE-2022-34573
An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to arbitrarily configure device settings via accessing the page mb_wifibasic.shtml.
CVSS Score
6.3
EPSS Score
0.001
Published
2022-07-25
CVE-2022-34574
An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the key information of the device via accessing Tftpd32.ini.
CVSS Score
5.7
EPSS Score
0.001
Published
2022-07-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved