Wavlink Wl-wn575a3
7 CVEs affecting Wavlink Wl-wn575a3. Latest disclosed: 2025-02-11. Critical: 3, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-38861 | Critical | 9.8 | 2023-08-15 | An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in a… |
CVE-2022-37149 | Critical | 9.8 | 2022-08-30 | WAVLINK WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection vulnerability when operating the file adm.cgi. This vulnerability allows… |
CVE-2022-34592 | Critical | 9.8 | 2022-07-07 | Wavlink WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection vulnerability via the function obtw. This vulnerability allows attackers… |
CVE-2020-10971 | High | 8.8 | 2020-05-07 | An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied comm… |
CVE-2020-10974 | High | 7.5 | 2020-05-07 | An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the adm… |
CVE-2020-12266 | High | 7.5 | 2020-04-27 | An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for i… |
CVE-2025-25528 | Medium | 5.1 | 2025-02-11 | Multiple buffer overflow vulnerabilities in Wavlink WL-WN575A3 RPT75A3.V4300, which are caused by not performing strict length checks on user-controlled data… |