Skip to main content

Wn531G3 Firmware

6 CVEs product

Monthly

CVE-2022-40623 HIGH POC This Week

The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues (such as CVE-2022-35518), can lead to remote,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Wn531G3 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-40622 HIGH POC This Week

The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 uses IP addresses to hold sessions and does not not use session tokens. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wn531G3 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-40621 HIGH POC This Week

Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier communicates over HTTP and not HTTPS, and because the hashing mechanism does not rely on a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Wn531G3 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2020-10973 HIGH POC This Week

An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wn530Hg4 Firmware Wn531G3 Firmware Wn533A8 Firmware Wn551K1 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
7.8%
CVE-2020-10972 HIGH This Week

An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wn530Hg4 Firmware Wn531G3 Firmware Wn572Hg3 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-12266 HIGH This Week

An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wl Wn579G3 Firmware Wl Wn575A3 Firmware Wl Wn530Hg4 Firmware Wn531G3 Firmware +11
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
EPSS 1% CVSS 8.8
HIGH POC This Week

The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues (such as CVE-2022-35518), can lead to remote,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Wn531G3 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 uses IP addresses to hold sessions and does not not use session tokens. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wn531G3 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier communicates over HTTP and not HTTPS, and because the hashing mechanism does not rely on a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Wn531G3 Firmware
NVD
EPSS 8% CVSS 7.5
HIGH POC This Week

An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wn530Hg4 Firmware Wn531G3 Firmware +2
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wn530Hg4 Firmware Wn531G3 Firmware +1
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wl Wn579G3 Firmware Wl Wn575A3 Firmware +13
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy