CVE-2023-3380
- EPSS 46%
- Veröffentlicht 23.06.2023 10:15:10
- Zuletzt bearbeitet 21.11.2024 08:17:08
A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possib...
CVE-2022-31847
- EPSS 58.44%
- Veröffentlicht 14.06.2022 14:15:08
- Zuletzt bearbeitet 21.11.2024 07:05:23
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request.
- EPSS 93.94%
- Veröffentlicht 09.02.2021 19:15:13
- Zuletzt bearbeitet 19.08.2025 14:15:36
Wavlink WN575A4, WN579X3, and WN530G3A devices through 2020-05-15 allow unauthenticated remote users to inject commands via the key parameter in a login request.
CVE-2020-10974
- EPSS 0.34%
- Veröffentlicht 07.05.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 04:56:29
An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN575A3, Wavl...
CVE-2020-12266
- EPSS 0.42%
- Veröffentlicht 27.04.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 04:59:24
An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. The devices automatically query these pages to update dashboards and other s...