Wn531p3 Firmware

wn531p3_firmware

Vendor: Wavlink • 17 CVEs

CVEs (17)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-54747 1Wavlink 1Wn531p3 Firmware Oct 3, 2025 Dec 6, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.
CVE-2022-35538 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: delete_list, delete_al_mac, b_delete_list and b_delete_al_mac, which leads to command injection in page /wifi_mesh.shtml.
CVE-2022-35537 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac_5g and Newname, which leads to command injection in page /wifi_mesh.shtml.
CVE-2022-35536 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qos_bandwith and qos_dat, which leads to command injection in page /qos.shtml.
CVE-2022-35535 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifi_mesh.shtml.
CVE-2022-35534 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter hiddenSSID32g and SSID2G2, which leads to command injection in page /wifi_multi_ssid.shtml.
CVE-2022-35533 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: cli_list and cli_num, which leads to command injection in page /qos.shtml.
CVE-2022-35526 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml.
CVE-2022-35525 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameter led_switch, which leads to command injection in page /ledonoff.shtml.
CVE-2022-35524 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode, wlan_bssid, wlan_ssid and wlan_channel, which leads to command injectio...Show more WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode, wlan_bssid, wlan_ssid and wlan_channel, which leads to command injection in page /wizard_rep.shtml.Show less
CVE-2022-35523 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter del_mac and parameter flag, which leads to command injection in page /cli_black_list.shtml.
CVE-2022-35522 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp_passwd, rwan_gateway, rwan_mask and rwan_ip, which leads to command injection in page /wan.shtml.
CVE-2022-35521 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled and blockSynFloodEnabled, which leads to command in...Show more WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled and blockSynFloodEnabled, which leads to command injection in page /man_security.shtml.Show less
CVE-2022-35520 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, and this is a hidden parameter which doesn't appear in POST body, but exist in cgi binary. This leads to command injectio...Show more WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, and this is a hidden parameter which doesn't appear in POST body, but exist in cgi binary. This leads to command injection in page /ledonoff.shtml.Show less
CVE-2022-35519 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_mac, which leads to command injection in page /cli_black_list.shtml.
CVE-2022-35518 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Oct 20, 2025 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and User1, which leads to command injection in page /nas_disk.shtml.
CVE-2022-35517 1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 more Nov 21, 2024 Aug 10, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: web_pskValue, wl_Method, wlan_ssid, EncrypType, rwan_ip, rwan_mask, rwan_gateway, ppp_username, ppp_passwd and ppp_setver, whic...Show more WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: web_pskValue, wl_Method, wlan_ssid, EncrypType, rwan_ip, rwan_mask, rwan_gateway, ppp_username, ppp_passwd and ppp_setver, which leads to command injection in page /wizard_router_mesh.shtml.Show less