PT-2023-3477 · Wavlink · Wavlink Wl-Wn531Ax2

Publicado

2023-05-11

Atualizado

2024-11-27

CVE-2023-32612

CVSS v2.0

7.7

Alta

Vetor

AV:A/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions WAVLINK WL-WN531AX2 versions prior to 2023526

Description The issue is related to client-side enforcement of server-side security, which may allow an attacker with administrative privilege to execute OS commands with the root privilege. This could potentially enable remote attackers to execute arbitrary commands.

Recommendations For versions prior to 2023526, update the firmware to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78CWE-602CWE-565

Identificadores relacionados

BDU:2023-03663

CVE-2023-32612

Produtos afetados

Wavlink Wl-Wn531Ax2

PT-2023-3477 · Wavlink · Wavlink Wl-Wn531Ax2

CVE-2023-32612

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8