Skip to main content

Wl Wn579G3 Firmware

3 CVEs product

Monthly

CVE-2020-10974 HIGH This Week

An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wl Wn575A3 Firmware Wl Wn579G3 Firmware Wn531A6 Firmware Wn535G3 Firmware +9
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-10971 HIGH This Week

An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wl Wn575A3 Firmware Wl Wn530Hg4 Firmware Wl Wn579G3 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
2.7%
CVE-2020-12266 HIGH This Week

An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wl Wn579G3 Firmware Wl Wn575A3 Firmware Wl Wn530Hg4 Firmware Wn531G3 Firmware +11
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wl Wn575A3 Firmware Wl Wn579G3 Firmware +11
NVD GitHub
EPSS 3% CVSS 8.8
HIGH This Week

An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wl Wn575A3 Firmware Wl Wn530Hg4 Firmware +1
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wl Wn579G3 Firmware Wl Wn575A3 Firmware +13
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy