CVE-2022-23900

Name of the Vulnerable Software and Affected Versions Wavlink WL-WN531P3 router version M31G3.V5030.201204

Description A command injection issue in the API of the Wavlink WL-WN531P3 router allows an attacker to achieve unauthorized remote code execution via a malicious POST request through the "/cgi-bin/adm.cgi" API endpoint.

Recommendations For version M31G3.V5030.201204, consider disabling access to the "/cgi-bin/adm.cgi" API endpoint until a patch is available to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.