Описание
The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues (such as CVE-2022-35518), can lead to remote, unauthenticated command execution.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до m31g3.v5030.200325 (включая)
Одновременно
cpe:2.3:o:wavlink:wn531g3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wavlink:wn531g3:-:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00309
Низкий
8.8 High
CVSS3
Дефекты
CWE-352
CWE-352
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues (such as CVE-2022-35518), can lead to remote, unauthenticated command execution.
EPSS
Процентиль: 54%
0.00309
Низкий
8.8 High
CVSS3
Дефекты
CWE-352
CWE-352