CVE-2022-44356

Published: Nov 29, 2022Modified: Apr 25, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

WAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated attackers to download configuration data and log files.

Affected (2)

Products: Wavlink: Wl Wn531g3 Firmware

Wavlink

1 product

Wl Wn531g3 Firmware

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Wavlink Wl Wn531g3 Firmware	Version m31g3.v5030.200325
Wavlink Wl Wn531g3 Firmware	Version m31g3.v5030.201204

Running on/with	Platform Versions
Wavlink Wl Wn531g3	All versions

Related CWEs

CWE-552

Files or Directories Accessible to External Parties

The product makes files or directories accessible to unauthorized actors, even though they should not be.

References (2)

https://github.com/strik3r0x1/Vulns/blob/main/Wavlink%20WL-WN531G3.md

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/strik3r0x1/Vulns/blob/main/Wavlink%20WL-WN531G3.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.