← Back

Wavlink

wavlink

203 CVEs • 76 products

Products (76)

Click to collapse
Toggle
Wl Wn533a8 Firmware
wl-wn533a8_firmware
63 CVEs
Wl Nu516u1 Firmware
wl-nu516u1_firmware
28 CVEs
Wn530h4 Firmware
wn530h4_firmware
27 CVEs
Wn535g3 Firmware
wn535g3_firmware
23 CVEs
Wn533a8 Firmware
wn533a8_firmware
20 CVEs
Wn531p3 Firmware
wn531p3_firmware
17 CVEs
Wn572hp3 Firmware
wn572hp3_firmware
16 CVEs
Wl Wn578w2 Firmware
wl-wn578w2_firmware
9 CVEs
Wl Wn530hg4 Firmware
wl-wn530hg4_firmware
8 CVEs
Wl Wn579a3 Firmware
wl-wn579a3_firmware
8 CVEs
Wl Wn575a3 Firmware
wl-wn575a3_firmware
7 CVEs
Wn551k1 Firmware
wn551k1_firmware
7 CVEs
Wn531g3 Firmware
wn531g3_firmware
6 CVEs
Wn530hg4 Firmware
wn530hg4_firmware
6 CVEs
Wn572hg3 Firmware
wn572hg3_firmware
6 CVEs
Wn579x3 Firmware
wn579x3_firmware
5 CVEs
Wl Wn535k3 Firmware
wl-wn535k3_firmware
5 CVEs
Wifi Repeater Firmware
wifi-repeater_firmware
5 CVEs
Wl Wn531ax2 Firmware
wl-wn531ax2_firmware
5 CVEs
Wl Wn579g3 Firmware
wl-wn579g3_firmware
3 CVEs
Wl Wn531g3 Firmware
wl-wn531g3_firmware
3 CVEs
Aerial X 1200m Firmware
aerial_x_1200m_firmware
3 CVEs
Wl Wn535k2 Firmware
wl-wn535k2_firmware
3 CVEs
Wl Wn579x3 C Firmware
wl-wn579x3-c_firmware
3 CVEs
Wl Wn570ha1 Firmware
wl-wn570ha1_firmware
3 CVEs
Wn531a6 Firmware
wn531a6_firmware
2 CVEs
Wn57x93 Firmware
wn57x93_firmware
2 CVEs
Wn578a2 Firmware
wn578a2_firmware
2 CVEs
Wn579g3 Firmware
wn579g3_firmware
2 CVEs
Jetstream Ac3000 Firmware
jetstream_ac3000_firmware
2 CVEs
Jetstream Erac3000 Firmware
jetstream_erac3000_firmware
2 CVEs
Wn575a4 Firmware
wn575a4_firmware
2 CVEs
Wl Wn531p3 Firmware
wl-wn531p3_firmware
2 CVEs
Wl Wn530h4 Firmware
wl-wn530h4_firmware
2 CVEs
Wl Wn579x3 Firmware
wl-wn579x3_firmware
1 CVE
Wavrouter App
wavrouter_app
1 CVE
Wn701ae Firmware
wn701ae_firmware
1 CVE
Wn535k3 Firmware
wn535k3_firmware
1 CVE
Wl Wn586x3a Firmware
wl-wn586x3a_firmware
1 CVE
Wl Wn579g3
wl-wn579g3
0 CVEs
Wl Wn575a3
wl-wn575a3
0 CVEs
Wl Wn530hg4
wl-wn530hg4
0 CVEs
Wn531g3
wn531g3
0 CVEs
Wn533a8
wn533a8
0 CVEs
Wn531a6
wn531a6
0 CVEs
Wn551k1
wn551k1
0 CVEs
Wn535g3
wn535g3
0 CVEs
Wn530h4
wn530h4
0 CVEs
Wn57x93
wn57x93
0 CVEs
Wn578a2
wn578a2
0 CVEs
Wn579g3
wn579g3
0 CVEs
Wn579x3
wn579x3
0 CVEs
Jetstream Ac3000
jetstream_ac3000
0 CVEs
Jetstream Erac3000
jetstream_erac3000
0 CVEs
Wn530hg4
wn530hg4
0 CVEs
Wn572hg3
wn572hg3
0 CVEs
Wn575a4
wn575a4
0 CVEs
Wl Wn531g3
wl-wn531g3
0 CVEs
Wl Wn531p3
wl-wn531p3
0 CVEs
Aerial X 1200m
aerial_x_1200m
0 CVEs
Wl Wn535k2
wl-wn535k2
0 CVEs
Wl Wn535k3
wl-wn535k3
0 CVEs
Wl Wn579x3
wl-wn579x3
0 CVEs
Wn572hp3
wn572hp3
0 CVEs
Wn531p3
wn531p3
0 CVEs
Wl Wn530h4
wl-wn530h4
0 CVEs
Wl Wn533a8
wl-wn533a8
0 CVEs
Wl Wn531ax2
wl-wn531ax2
0 CVEs
Wn701ae
wn701ae
0 CVEs
Wl Wn579a3
wl-wn579a3
0 CVEs
Wn535k3
wn535k3
0 CVEs
Wl Nu516u1
wl-nu516u1
0 CVEs
Wl Wn578w2
wl-wn578w2
0 CVEs
Wl Wn586x3a
wl-wn586x3a
0 CVEs
Wl Wn579x3 C
wl-wn579x3-c
0 CVEs
Wl Wn570ha1
wl-wn570ha1
0 CVEs

CVEs (203)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-31847
1Wavlink
1Wn579x3 Firmware
Nov 21, 2024
Jun 14, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request.
CVE-2022-31846
1Wavlink
1Wn535g3 Firmware
Nov 21, 2024
Jun 14, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVE-2022-31845
1Wavlink
1Wn535g3 Firmware
Nov 21, 2024
Jun 14, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVE-2022-31311
1Wavlink
1Aerial X 1200m Firmware
Nov 21, 2024
Jun 14, 2022
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute arbitrary commands via a crafted POST request.
CVE-2022-31309
1Wavlink
1Aerial X 1200m Firmware
Nov 21, 2024
Jun 14, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVE-2022-31308
1Wavlink
1Aerial X 1200m Firmware
Nov 21, 2024
Jun 14, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVE-2022-30489
1Wavlink
1Wn535g3 Firmware
Nov 21, 2024
May 13, 2022
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi.
CVE-2022-23900
1Wavlink
1Wl Wn531p3 Firmware
Nov 21, 2024
Apr 7, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3.V5030.201204, allows an attacker to achieve unauthorized remote code execution via a malicious POST request through /cgi-bin/ad...Show more
A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3.V5030.201204, allows an attacker to achieve unauthorized remote code execution via a malicious POST request through /cgi-bin/adm.cgi.Show less
CVE-2021-44260
1Wavlink
1Wl Wn531g3 Firmware
Nov 21, 2024
Mar 17, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes som...Show more
A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information of the manager of router.Show less
CVE-2021-44259
1Wavlink
1Wl Wn531g3 Firmware
Nov 21, 2024
Mar 17, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When an unauthorized user accesses t...Show more
A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When an unauthorized user accesses this page directly, it connects to this device as a friend of the device owner.Show less
CVE-2020-13117
1Wavlink
2Wn575a4 Firmware
Wn579x3 Firmware
Aug 19, 2025
Feb 9, 2021
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Wavlink WN575A4, WN579X3, and WN530G3A devices through 2020-05-15 allow unauthenticated remote users to inject commands via the key parameter in a login request.
CVE-2020-12127
1Wavlink
1Wn530h4 Firmware
Nov 21, 2024
Oct 2, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings,...Show more
An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication.Show less
CVE-2020-12126
1Wavlink
1Wn530h4 Firmware
Nov 21, 2024
Oct 2, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to leak router settings, change configuration variables, and cause denial of service vi...Show more
Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint.Show less
CVE-2020-12125
1Wavlink
1Wn530h4 Firmware
Nov 21, 2024
Oct 2, 2020
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication.
CVE-2020-12124
1Wavlink
1Wn530h4 Firmware
Nov 21, 2024
Oct 2, 2020
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication.
CVE-2020-12123
1Wavlink
1Wn530h4 Firmware
Nov 21, 2024
Oct 2, 2020
N/A· v4
8.1 HIGH· v3
7.8 HIGH· v2
CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to remotely access router endpoints, because these endpoints do not contain CSRF tokens. If a user is authentica...Show more
CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to remotely access router endpoints, because these endpoints do not contain CSRF tokens. If a user is authenticated in the router portal, then this attack will work.Show less
CVE-2020-15490
1Wavlink
1Wl Wn530hg4 Firmware
Nov 21, 2024
Jul 1, 2020
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple buffer overflow vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges. (The set of affected scrip...Show more
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple buffer overflow vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges. (The set of affected scripts is similar to CVE-2020-12266.)Show less
CVE-2020-15489
1Wavlink
1Wl Wn530hg4 Firmware
Nov 21, 2024
Jul 1, 2020
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple shell metacharacter injection vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges.
CVE-2020-10974
1Wavlink
13Jetstream Ac3000 Firmware
Jetstream Erac3000 FirmwareWl Wn575a3 Firmware+10 more
Nov 21, 2024
May 7, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected...Show more
An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavlink WN579G3, Wavlink WN531A6, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, Wavlink WN572HG3, Wavlink WN575A4, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000Show less
CVE-2020-10973
1Wavlink
4Wn530hg4 Firmware
Wn531g3 FirmwareWn533a8 Firmware+1 more
Nov 21, 2024
May 7, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configuration of the device, inc...Show more
An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configuration of the device, including the administrator password. No authentication is required. The attacker must perform a decryption step, but all decryption information is readily available.Show less