Wavlink Wn531g3
6 CVEs affecting Wavlink Wn531g3. Latest disclosed: 2022-09-13. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-40623 | High | 8.8 | 2022-09-13 | The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues (such a… |
CVE-2022-40622 | High | 8.8 | 2022-09-13 | The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 uses IP addresses to hold sessions and does not not use session tokens. Therefore… |
CVE-2022-40621 | High | 7.5 | 2022-09-13 | Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier communicates over HTTP and not HTTPS, and because the hashing… |
CVE-2020-10973 | High | 7.5 | 2020-05-07 | An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST… |
CVE-2020-10972 | High | 7.5 | 2020-05-07 | An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is r… |
CVE-2020-12266 | High | 7.5 | 2020-04-27 | An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for i… |