VYPR

WN572HG3

by Wavlink

CVEs (5)

  • CVE-2024-10194HigOct 20, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as critical. Affected is the function Goto_chidx of the file login.cgi of the component Front-End Authentication Page. The manipulation of the argument wlanUrl leads to…

  • CVE-2020-10972HigMay 7, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page (a certain live_?.shtml page with the variable syspasswd). Affected Devices: Wavlink…

  • CVE-2024-10429HigOct 27, 2024
    risk 0.48cvss 7.2epss 0.17

    A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. Affected is the function set_ipv6 of the file internet.cgi. The manipulation of the argument IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAddr leads to command injection.…

  • CVE-2024-10428HigOct 27, 2024
    risk 0.48cvss 7.2epss 0.14

    A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been rated as critical. This issue affects the function set_ipv6 of the file firewall.cgi. The manipulation of the argument dhcpGateway leads to command injection. The attack may be…

  • CVE-2024-10193MedOct 20, 2024
    risk 0.32cvss 4.7epss 0.15

    A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical. This issue affects the function ping_ddns of the file internet.cgi. The manipulation of the argument DDNS leads to command injection. The attack may be initiated…