Описание
A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used.
Ссылки
- ExploitThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:wavlink:wl-wn535k2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:wavlink:wl-wn535k2:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:wavlink:wl-wn535k3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:wavlink:wl-wn535k3:-:*:*:*:*:*:*:*
EPSS
Процентиль: 100%
0.92316
Критический
8 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-78
CWE-78
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 100%
0.92316
Критический
8 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-78
CWE-78