CVE-2022-34592

Name of the Vulnerable Software and Affected Versions Wavlink WL-WN575A3 version RPT75A3.V4300.201217

Description A command injection issue was discovered, allowing attackers to execute arbitrary commands via a crafted POST request to the obtw function. This enables attackers to send malicious requests and potentially gain unauthorized access to the system.

Recommendations For version RPT75A3.V4300.201217, as a temporary workaround, consider restricting access to the obtw function until a patch is available. Additionally, avoid using the vulnerable function to process untrusted input. At the moment, there is no information about a newer version that contains a fix for this vulnerability.