CVE-2022-44356

WAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated attackers to download configuration data and log files.
References
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:wavlink:wl-wn531g3_firmware:m31g3.v5030.200325:*:*:*:*:*:*:*
cpe:2.3:o:wavlink:wl-wn531g3_firmware:m31g3.v5030.201204:*:*:*:*:*:*:*
cpe:2.3:h:wavlink:wl-wn531g3:-:*:*:*:*:*:*:*

History

02 Dec 2022, 13:54

Type Values Removed Values Added
CPE cpe:2.3:h:wavlink:wl-wn531g3:-:*:*:*:*:*:*:*
cpe:2.3:o:wavlink:wl-wn531g3_firmware:m31g3.v5030.201204:*:*:*:*:*:*:*
cpe:2.3:o:wavlink:wl-wn531g3_firmware:m31g3.v5030.200325:*:*:*:*:*:*:*
First Time Wavlink
Wavlink wl-wn531g3
Wavlink wl-wn531g3 Firmware
References (MISC) https://github.com/strik3r0x1/Vulns/blob/main/Wavlink%20WL-WN531G3.md - (MISC) https://github.com/strik3r0x1/Vulns/blob/main/Wavlink%20WL-WN531G3.md - Exploit, Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-552

29 Nov 2022, 17:57

Type Values Removed Values Added
New CVE

Information

Published : 2022-11-29 17:15

Updated : 2023-12-10 14:48


NVD link : CVE-2022-44356

Mitre link : CVE-2022-44356

CVE.ORG link : CVE-2022-44356


JSON object : View

Products Affected

wavlink

  • wl-wn531g3_firmware
  • wl-wn531g3
CWE
CWE-552

Files or Directories Accessible to External Parties