Wavlink · Wavlink Aerial X 1200M · CVE-2022-31311
**Name of the Vulnerable Software and Affected Versions**
WAVLINK AERIAL X 1200M version M79X3.V5030.180719
**Description**
The issue allows attackers to execute arbitrary commands via a crafted POST request to the adm.cgi endpoint. This is achieved by sending a specifically designed request to the vulnerable endpoint, potentially leading to command execution.
**Recommendations**
For WAVLINK AERIAL X 1200M version M79X3.V5030.180719, as a temporary workaround, consider restricting access to the adm.cgi endpoint until a patch is available. Avoid using the adm.cgi endpoint in production environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.