CVE-2022-35537

CVE-2022-35537

EPSS 2.2%

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac_5g and Newname, which leads to command injection in page /wifi_mesh.shtml.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/TyeYeah/othercveinfo/tree/main/wavlink#wavlink-router-ac1200-page-wifi_meshshtml-hidden-parameter-command-injection-in-wirelesscgi