CVE-2022-35524
published 2022-08-10CVE-2022-35524: WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode…
PriorityP265critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.30%
81.2th percentile
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode, wlan_bssid, wlan_ssid and wlan_channel, which leads to command injection in page /wizard_rep.shtml.
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
tiff vulnerabilities
osv·2023-02-02·CVSS 6.5
CVE-2019-14973 tiff vulnerabilities
tiff vulnerabilities
It was discovered that LibTIFF incorrectly handled certain malformed
images. If a user or automated system were tricked into opening a
specially crafted image, a remote attacker could crash the application,
leading to a denial of service, or possibly execute arbitrary code with
user privileges. This issue was only fixed in Ubuntu 14.04 ESM.
(CVE-2019-14973, CVE-2019-17546, CVE-2020-35523, CVE-2020-35524,
CVE-2022-3970)
It was discovered that LibTIFF was incorrectly acessing a data structure
when processing data with the tiffcrop tool, which could lead to a heap
buffer overflow. An attacker could possibly use this issue to cause a
denial of service or execute arbitrary code. (CVE-2022-48281)
GHSA
GHSA-v88j-5jj7-m88j: WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm
ghsa_unreviewed·2022-08-11
CVE-2022-35524 [CRITICAL] CWE-77 GHSA-v88j-5jj7-m88j: WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode, wlan_bssid, wlan_ssid and wlan_channel, which leads to command injection in page /wizard_rep.shtml.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-08-10
Published