WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameter led_switch, which leads to command injection in page /ledonoff.shtml.
2022-08-10T20:15:56.287
2024-11-21T07:11:17.920
Modified
CVSSv3.1: 9.8 (CRITICAL)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | wavlink | wn572hp3_firmware | - | Yes |
| Hardware | wavlink | wn572hp3 | - | No |
| Operating System | wavlink | wn533a8_firmware | - | Yes |
| Hardware | wavlink | wn533a8 | - | No |
| Operating System | wavlink | wn530h4_firmware | - | Yes |
| Hardware | wavlink | wn530h4 | - | No |
| Operating System | wavlink | wn535g3_firmware | - | Yes |
| Hardware | wavlink | wn535g3 | - | No |
| Operating System | wavlink | wn531p3_firmware | - | Yes |
| Hardware | wavlink | wn531p3 | - | No |