CVE-2022-44356
published 2022-11-29CVE-2022-44356: WAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated…
PriorityP258high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
2.76%
84.4th percentile
WAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated attackers to download configuration data and log files.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wavlink | wl-wn531g3_firmware | — | — |
| wavlink | wl-wn531g3_firmware | — | — |
Detection & IOCsextracted from sources · hover to see the quote
path/cgi-bin/ExportLogs.sh
- →Unauthenticated GET request to /cgi-bin/ExportLogs.sh returns a downloadable file containing credentials and Wi-Fi config; response body contains 'Login=', 'Password=', 'WiFi_', 'WAVLINK' and Content-Type header is 'application/octet-stream' with a filename attachment.
- →Identify exposed WAVLINK WN531G3 devices via Shodan using the query: html:"WN531G3", or via FOFA using: body="WN531G3".
- →Confirm target is a WAVLINK WN531G3 device by checking that the response body contains the string 'WN531G3' before probing the vulnerable endpoint.
- ·Vulnerability is confirmed only on firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 of the WAVLINK WL-WN531G3 device. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
WAVLINK Quantum D4G (WL-WN531G3) - Information Disclosure
nuclei·CVSS 7.5
CVE-2022-44356 [HIGH] WAVLINK Quantum D4G (WL-WN531G3) - Information Disclosure
WAVLINK Quantum D4G (WL-WN531G3) - Information Disclosure
WAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated attackers to download configuration data and log files.
Template:
id: CVE-2022-44356
info:
name: WAVLINK Quantum D4G (WL-WN531G3) - Information Disclosure
author: ritikchaddha
severity: high
description: |
WAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated attackers to download configuration data and log files.
remediation: |
Apply the latest firmware updates from Wavlink or implement network segmentation to restrict access to the device administration interface.
impac
No writeups or analysis indexed.
2022-11-29
Published