Wn535g3_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Wn535g3_firmware
(Wavlink)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	23

Date	Id	Summary	Products	Score	Patch	Annotated
2022-08-10	CVE-2022-35533	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: cli_list and cli_num, which leads to command injection in page /qos.shtml.	Wn530h4_firmware, Wn531p3_firmware, Wn533a8_firmware, Wn535g3_firmware, Wn572hp3_firmware	9.8
2022-08-10	CVE-2022-35534	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter hiddenSSID32g and SSID2G2, which leads to command injection in page /wifi_multi_ssid.shtml.	Wn530h4_firmware, Wn531p3_firmware, Wn533a8_firmware, Wn535g3_firmware, Wn572hp3_firmware	9.8
2022-08-10	CVE-2022-35535	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifi_mesh.shtml.	Wn530h4_firmware, Wn531p3_firmware, Wn533a8_firmware, Wn535g3_firmware, Wn572hp3_firmware	9.8
2022-08-10	CVE-2022-35536	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qos_bandwith and qos_dat, which leads to command injection in page /qos.shtml.	Wn530h4_firmware, Wn531p3_firmware, Wn533a8_firmware, Wn535g3_firmware, Wn572hp3_firmware	9.8
2022-08-10	CVE-2022-35537	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac_5g and Newname, which leads to command injection in page /wifi_mesh.shtml.	Wn530h4_firmware, Wn531p3_firmware, Wn533a8_firmware, Wn535g3_firmware, Wn572hp3_firmware	9.8
2022-08-10	CVE-2022-35538	WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: delete_list, delete_al_mac, b_delete_list and b_delete_al_mac, which leads to command injection in page /wifi_mesh.shtml.	Wn530h4_firmware, Wn531p3_firmware, Wn533a8_firmware, Wn535g3_firmware, Wn572hp3_firmware	9.8
2022-07-25	CVE-2022-34576	A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.	Wn535g3_firmware	7.5
2022-07-25	CVE-2022-34577	A vulnerability in adm.cgi of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.	Wn535g3_firmware	9.8
2022-06-14	CVE-2022-31845	A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.	Wn535g3_firmware	7.5
2022-06-14	CVE-2022-31846	A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.	Wn535g3_firmware	7.5