Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Wavlink Subscribe
Filtered by product Wn530h4 Firmware
Total 23 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-12125 1 Wavlink 2 Wn530h4, Wn530h4 Firmware 2020-10-07 10.0 HIGH 9.8 CRITICAL
A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication.
CVE-2020-12124 1 Wavlink 2 Wn530h4, Wn530h4 Firmware 2020-10-07 10.0 HIGH 9.8 CRITICAL
A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication.
CVE-2020-12123 1 Wavlink 2 Wn530h4, Wn530h4 Firmware 2020-10-07 7.8 HIGH 8.1 HIGH
CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to remotely access router endpoints, because these endpoints do not contain CSRF tokens. If a user is authenticated in the router portal, then this attack will work.