CVEs (23)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: delete_list, delete_al_mac, b_delete_list and b_delete_al_mac, which leads to command injection in page /wifi_mesh.shtml. |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac_5g and Newname, which leads to command injection in page /wifi_mesh.shtml. |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qos_bandwith and qos_dat, which leads to command injection in page /qos.shtml. |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifi_mesh.shtml. |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter hiddenSSID32g and SSID2G2, which leads to command injection in page /wifi_multi_ssid.shtml. |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: cli_list and cli_num, which leads to command injection in page /qos.shtml. |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml. |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameter led_switch, which leads to command injection in page /ledonoff.shtml. |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode, wlan_bssid, wlan_ssid and wlan_channel, which leads to command injectio...Show more |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter del_mac and parameter flag, which leads to command injection in page /cli_black_list.shtml. |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp_passwd, rwan_gateway, rwan_mask and rwan_ip, which leads to command injection in page /wan.shtml. |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled and blockSynFloodEnabled, which leads to command in...Show more |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, and this is a hidden parameter which doesn't appear in POST body, but exist in cgi binary. This leads to command injectio...Show more |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_mac, which leads to command injection in page /cli_black_list.shtml. |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreOct 20, 2025 Aug 10, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and User1, which leads to command injection in page /nas_disk.shtml. |
1Wavlink 5Wn530h4 Firmware Wn531p3 FirmwareWn533a8 Firmware+2 moreNov 21, 2024 Aug 10, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: web_pskValue, wl_Method, wlan_ssid, EncrypType, rwan_ip, rwan_mask, rwan_gateway, ppp_username, ppp_passwd and ppp_setver, whic...Show more |
A vulnerability in adm.cgi of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request. |
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request. |
A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function. |
A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function. |