CVE-2022-35524: Command Injection
First published: Wed Aug 10 2022(Updated: )
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode, wlan_bssid, wlan_ssid and wlan_channel, which leads to command injection in page /wizard_rep.shtml.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wavlink Wn572hp3 Firmware | ||
| WAVLINK WN572HP3 | ||
| Wavlink Wn533a8 Firmware | ||
| Wavlink WN533A8 | ||
| Wavlink Wn530h4 Firmware | ||
| Wavlink WN530H4 | ||
| Wavlink Wn535g3 Firmware | ||
| Wavlink WN535G3 | ||
| Wavlink Wn531p3 Firmware | ||
| Wavlink Wn531p3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-35524?
CVE-2022-35524 is a vulnerability found in WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, and WN531P3 routers, specifically in the adm.cgi page, which allows for command injection.
What is the severity of CVE-2022-35524?
CVE-2022-35524 has a severity rating of 9.8 (critical).
Which software versions are affected by CVE-2022-35524?
WAVLINK WN572HP3 Firmware, WAVLINK WN533A8 Firmware, WAVLINK WN530H4 Firmware, WAVLINK WN535G3 Firmware, and WAVLINK WN531P3 Firmware are affected by CVE-2022-35524.
How can I fix CVE-2022-35524?
Currently, there is no known fix for CVE-2022-35524. It is recommended to contact the vendor for further assistance.
Where can I find more information about CVE-2022-35524?
More information about CVE-2022-35524 can be found at the following link: [link](https://github.com/TyeYeah/othercveinfo/blob/main/wavlink/README.md#wavlink-router-ac1200-page-wizard_repshtml-command-injection-in-admcgi)
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/wavlink
- canonical/wavlink wn572hp3 firmware
- canonical/wavlink wn572hp3
- canonical/wavlink wn533a8 firmware
- canonical/wavlink wn533a8
- canonical/wavlink wn530h4 firmware
- canonical/wavlink wn530h4
- canonical/wavlink wn535g3 firmware
- canonical/wavlink wn535g3
- canonical/wavlink wn531p3 firmware
- canonical/wavlink wn531p3