Wavlink Wl-wn530hg4
8 CVEs affecting Wavlink Wl-wn530hg4. Latest disclosed: 2023-02-06. Critical: 3, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-34045 | Critical | 9.8 | 2022-07-20 | Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etc_ro/lighttpd/www/cgi-bi… |
CVE-2020-15490 | Critical | 9.8 | 2020-07-01 | An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple buffer overflow vulnerabilities exist in CGI scripts, leading to remote co… |
CVE-2020-15489 | Critical | 9.8 | 2020-07-01 | An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple shell metacharacter injection vulnerabilities exist in CGI scripts, leadin… |
CVE-2020-10971 | High | 8.8 | 2020-05-07 | An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied comm… |
CVE-2022-48166 | High | 7.5 | 2023-02-06 | An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain adm… |
CVE-2022-34047 | High | 7.5 | 2022-07-20 | An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety… |
CVE-2020-12266 | High | 7.5 | 2020-04-27 | An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for i… |
CVE-2022-34049 | Medium | 5.3 | 2022-07-20 | An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data. |