Wavlink

Wn530h4 Firmware

27 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2024-10429

Exploit
  • EPSS 1.12%
  • Veröffentlicht 27.10.2024 21:15:02
  • Zuletzt bearbeitet 13.11.2024 17:58:18

A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. Affected is the function set_ipv6 of the file internet.cgi. The manipulation of the argument IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAdd...

7.2

CVE-2024-10428

Exploit
  • EPSS 1.12%
  • Veröffentlicht 27.10.2024 21:15:02
  • Zuletzt bearbeitet 13.11.2024 17:57:51

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been rated as critical. This issue affects the function set_ipv6 of the file firewall.cgi. The manipulation of the argument dhcpGateway leads to command inject...

8.8

CVE-2024-10194

Exploit
  • EPSS 0.1%
  • Veröffentlicht 20.10.2024 08:15:02
  • Zuletzt bearbeitet 23.10.2024 16:16:49

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as critical. Affected is the function Goto_chidx of the file login.cgi of the component Front-End Authentication Page. The manipulation of the ...

7.2

CVE-2024-10193

Exploit
  • EPSS 0.7%
  • Veröffentlicht 20.10.2024 08:15:02
  • Zuletzt bearbeitet 23.10.2024 16:16:11

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical. This issue affects the function ping_ddns of the file internet.cgi. The manipulation of the argument DDNS leads to command injection. The a...

9.8

CVE-2022-35538

Exploit
  • EPSS 1.93%
  • Veröffentlicht 10.08.2022 20:15:57
  • Zuletzt bearbeitet 21.11.2024 07:11:19

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: delete_list, delete_al_mac, b_delete_list and b_delete_al_mac, which leads to command injection in page /wifi_mesh.shtml.

9.8

CVE-2022-35537

Exploit
  • EPSS 1.93%
  • Veröffentlicht 10.08.2022 20:15:57
  • Zuletzt bearbeitet 21.11.2024 07:11:18

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac_5g and Newname, which leads to command injection in page /wifi_mesh.shtml.

9.8

CVE-2022-35536

Exploit
  • EPSS 1.93%
  • Veröffentlicht 10.08.2022 20:15:57
  • Zuletzt bearbeitet 21.11.2024 07:11:18

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qos_bandwith and qos_dat, which leads to command injection in page /qos.shtml.

9.8

CVE-2022-35535

Exploit
  • EPSS 5.2%
  • Veröffentlicht 10.08.2022 20:15:57
  • Zuletzt bearbeitet 21.11.2024 07:11:18

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifi_mesh.shtml.

9.8

CVE-2022-35534

Exploit
  • EPSS 5.2%
  • Veröffentlicht 10.08.2022 20:15:57
  • Zuletzt bearbeitet 21.11.2024 07:11:18

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter hiddenSSID32g and SSID2G2, which leads to command injection in page /wifi_multi_ssid.shtml.

9.8

CVE-2022-35533

Exploit
  • EPSS 5.2%
  • Veröffentlicht 10.08.2022 20:15:56
  • Zuletzt bearbeitet 21.11.2024 07:11:18

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: cli_list and cli_num, which leads to command injection in page /qos.shtml.