Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-5408

Опубликовано: 01 июн. 2025
Источник: nvd
CVSS3: 9.8
CVSS2: 10
EPSS Низкий

Описание

A vulnerability was found in WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3 and WL-WN576K1 up to V1410_240222 and classified as critical. Affected by this issue is the function sys_login of the file /cgi-bin/login.cgi of the component HTTP POST Request Handler. The manipulation of the argument login_page leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Ссылки

EPSS

Процентиль: 19%
0.00059
Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

github логотип

GHSA-hwq5-562f-8695

CVSS3: 9.8
github
около 1 месяца назад

A vulnerability was found in WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3 and WL-WN576K1 up to V1410_240222 and classified as critical. Affected by this issue is the function sys_login of the file /cgi-bin/login.cgi of the component HTTP POST Request Handler. The manipulation of the argument login_page leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

fstec логотип

BDU:2025-06255

CVSS3: 9.8
fstec
около 2 месяцев назад

Уязвимость функции sys_login сценария /cgi-bin/login.cgi микропрограммного обеспечения маршрутизаторов WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3 и WL-WN576K1, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 19%
0.00059
Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-119