CVE-2022-40623: WAVLINK Quantum D4G (WN531G3) CSRF
First published: Tue Aug 02 2022(Updated: )
The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues (such as CVE-2022-35518), can lead to remote, unauthenticated command execution.
Credit: cve@rapid7.con
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wavlink Wn531g3 Firmware | <=m31g3.v5030.200325 | |
| Wavlink WN531G3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this WAVLINK Quantum D4G (WN531G3) firmware issue?
The vulnerability ID for this WAVLINK Quantum D4G (WN531G3) firmware issue is CVE-2022-40623.
What is the severity of CVE-2022-40623?
The severity of CVE-2022-40623 is high with a severity value of 8.8.
How does the vulnerability in WAVLINK Quantum D4G (WN531G3) firmware manifest?
The vulnerability in WAVLINK Quantum D4G (WN531G3) firmware allows for remote, unauthenticated command execution when combined with other issues.
What can happen if the WAVLINK Quantum D4G (WN531G3) firmware vulnerability is exploited?
Exploiting the vulnerability in WAVLINK Quantum D4G (WN531G3) firmware can lead to remote, unauthenticated command execution.
Is a fix available for CVE-2022-40623?
Unfortunately, the fix information is not available at this time.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/title
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/wavlink
- canonical/wavlink wn531g3 firmware
- version/wavlink wn531g3 firmware/m31g3.v5030.200325
- canonical/wavlink wn531g3