CVE-2022-35537

Name of the Vulnerable Software and Affected Versions WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3

Description The issue is related to a lack of filtering on parameters: mac 5g and Newname in the wireless.cgi file, which leads to command injection in the page /wifi mesh.shtml.

Recommendations For WAVLINK WN572HP3, consider disabling access to the /wifi mesh.shtml page until a patch is available. For WAVLINK WN533A8, restrict the use of parameters mac 5g and Newname in the wireless.cgi file to minimize the risk of exploitation. For WAVLINK WN530H4, avoid using the wireless.cgi file until the issue is resolved. For WAVLINK WN535G3, restrict access to the wireless.cgi file to minimize the risk of exploitation. For WAVLINK WN531P3, consider disabling the wireless.cgi file until a patch is available.