Remote Code Execution Vulnerability in WAVLINK AERIAL X Router
CVE-2022-31308

7.5HIGH

Key Information:

Vendor: Wavlink
Status: Aerial X 1200m Firmware
Vendor: CVE Published:; 14 June 2022

What is CVE-2022-31308?

A vulnerability exists in the live_mfg.shtml file of the WAVLINK AERIAL X 1200M M79X3.V5030.191012 router, which can be exploited by attackers to execute commands. This results in unauthorized access to sensitive router information, potentially compromising the security of the network. Users are advised to review their router configurations and apply necessary updates to mitigate the risks associated with this vulnerability.

References

https://github.com/pghuanghui/CVE_Request/blob/main/WAVLI...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 14, 2022
Vulnerability Reserved
May 23, 2022

Wavlink

What is CVE-2022-31308?

References

CVSS V3.1

Timeline