CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Wavlink: >> Wn575a4 Security Vulnerabilities

CVE-2020-13117

Wavlink WN575A4 and WN579X3 devices through 2020-05-15 allow unauthenticated remote users to inject commands via the key parameter in a login request.

CVSS Score

9.8

EPSS Score

0.93

Published

2021-02-09

CVE-2020-10974

An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, Wavlink WN572HG3, Wavlink WN575A4, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000

CVSS Score

7.5

EPSS Score

0.003

Published

2020-05-07

Page 1

Vulnerabilities

Vulnerable Software

Wavlink: >> Wn575a4 Security Vulnerabilities

Products

Pricing

Contact Us