Skip to main content

Wl Wn530Hg4 Firmware

7 CVEs product

Monthly

CVE-2022-34049 MEDIUM POC This Month

An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Path Traversal Wl Wn530Hg4 Firmware
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2022-34047 HIGH POC THREAT This Week

An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wl Wn530Hg4 Firmware
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
17.4%
CVE-2022-34045 CRITICAL POC Act Now

Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etc_ro/lighttpd/www/cgi-bin/ExportAllSettings.sh. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wl Wn530Hg4 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2020-15490 CRITICAL Act Now

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Wl Wn530Hg4 Firmware
NVD
CVSS 3.1
9.8
EPSS
3.7%
CVE-2020-15489 CRITICAL Act Now

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Wl Wn530Hg4 Firmware
NVD
CVSS 3.1
9.8
EPSS
3.7%
CVE-2020-10971 HIGH This Week

An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wl Wn575A3 Firmware Wl Wn530Hg4 Firmware Wl Wn579G3 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
2.7%
CVE-2020-12266 HIGH This Week

An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wl Wn579G3 Firmware Wl Wn575A3 Firmware Wl Wn530Hg4 Firmware Wn531G3 Firmware +11
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
EPSS 2% CVSS 5.3
MEDIUM POC This Month

An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Path Traversal Wl Wn530Hg4 Firmware
NVD
EPSS 17% CVSS 7.5
HIGH POC THREAT This Week

An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wl Wn530Hg4 Firmware
NVD Exploit-DB
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etc_ro/lighttpd/www/cgi-bin/ExportAllSettings.sh. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wl Wn530Hg4 Firmware
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Wl Wn530Hg4 Firmware
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Wl Wn530Hg4 Firmware
NVD
EPSS 3% CVSS 8.8
HIGH This Week

An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wl Wn575A3 Firmware Wl Wn530Hg4 Firmware +1
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wl Wn579G3 Firmware Wl Wn575A3 Firmware +13
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy