Skip to main content

Wn551K1 Firmware

7 CVEs product

Monthly

CVE-2024-38897 MEDIUM POC This Month

WAVLINK WN551K1'live_check.shtml enables attackers to obtain sensitive router information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wn551K1 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-38896 MEDIUM POC This Month

WAVLINK WN551K1 found a command injection vulnerability through the start_hour parameter of /cgi-bin/nightled.cgi. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Wn551K1 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%
CVE-2024-38895 MEDIUM POC This Month

WAVLINK WN551K1'live_mfg.shtml enables attackers to obtain sensitive router information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wn551K1 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-38894 MEDIUM POC This Month

WAVLINK WN551K1 found a command injection vulnerability through the IP parameter of /cgi-bin/touchlist_sync.cgi. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Wn551K1 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%
CVE-2024-38892 MEDIUM POC This Month

An issue in Wavlink WN551K1 allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wn551K1 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2020-10973 HIGH POC This Week

An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wn530Hg4 Firmware Wn531G3 Firmware Wn533A8 Firmware Wn551K1 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
7.8%
CVE-2020-12266 HIGH This Week

An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wl Wn579G3 Firmware Wl Wn575A3 Firmware Wl Wn530Hg4 Firmware Wn531G3 Firmware +11
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
EPSS 0% CVSS 5.3
MEDIUM POC This Month

WAVLINK WN551K1'live_check.shtml enables attackers to obtain sensitive router information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wn551K1 Firmware
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC This Month

WAVLINK WN551K1 found a command injection vulnerability through the start_hour parameter of /cgi-bin/nightled.cgi. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Wn551K1 Firmware
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC This Month

WAVLINK WN551K1'live_mfg.shtml enables attackers to obtain sensitive router information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wn551K1 Firmware
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC This Month

WAVLINK WN551K1 found a command injection vulnerability through the IP parameter of /cgi-bin/touchlist_sync.cgi. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Wn551K1 Firmware
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

An issue in Wavlink WN551K1 allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wn551K1 Firmware
NVD GitHub
EPSS 8% CVSS 7.5
HIGH POC This Week

An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wn530Hg4 Firmware Wn531G3 Firmware +2
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wl Wn579G3 Firmware Wl Wn575A3 Firmware +13
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy