← back
CVE-2022-35523

CVE-2022-35523

EPSS 2.3%
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter del_mac and parameter flag, which leads to command injection in page /cli_black_list.shtml.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#command-injection-occurs-when-adding-blacklist-in-wavlink-router-ac1200-page-cli_black_listshtml-in-firewallcgi