Shodan
Vulnerabilities
Vulnerable Software
Wavlink:  Security Vulnerabilities
CVE-2022-31309
A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVSS Score
7.5
EPSS Score
0.016
Published
2022-06-14
CVE-2022-31311
An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute arbitrary commands via a crafted POST request.
CVSS Score
9.8
EPSS Score
0.028
Published
2022-06-14
CVE-2022-31845
A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVSS Score
7.5
EPSS Score
0.082
Published
2022-06-14
CVE-2022-31846
A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVSS Score
7.5
EPSS Score
0.07
Published
2022-06-14
CVE-2022-31847
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request.
CVSS Score
7.5
EPSS Score
0.055
Published
2022-06-14
CVE-2022-31308
A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVSS Score
7.5
EPSS Score
0.016
Published
2022-06-14
CVE-2022-30489
WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi.
CVSS Score
6.1
EPSS Score
0.038
Published
2022-05-13
CVE-2022-23900
A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3.V5030.201204, allows an attacker to achieve unauthorized remote code execution via a malicious POST request through /cgi-bin/adm.cgi.
CVSS Score
9.8
EPSS Score
0.035
Published
2022-04-07
CVE-2021-44259
A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When an unauthorized user accesses this page directly, it connects to this device as a friend of the device owner.
CVSS Score
9.8
EPSS Score
0.019
Published
2022-03-17
CVE-2021-44260
A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information of the manager of router.
CVSS Score
7.5
EPSS Score
0.076
Published
2022-03-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved