Command Execution Vulnerability in WAVLINK Router Products
CVE-2022-31845

7.5HIGH

Key Information:

Vendor

Wavlink

Vendor
CVE Published:
14 June 2022

What is CVE-2022-31845?

A command execution vulnerability in the live_check.shtml component of the WAVLINK WN535 G3 router allows unauthorized attackers to execute commands that can expose sensitive information stored on the device. By exploiting this flaw, attackers can potentially gain access to critical router settings and operational data, posing significant risks to network security and integrity.

References

EPSS Score

78% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-31845 : Command Execution Vulnerability in WAVLINK Router Products