PT-2023-3477 · Wavlink · Wavlink Wl-Wn531Ax2

Published

2023-05-11

Updated

2024-11-27

CVE-2023-32612

CVSS v2.0

7.7

High

Vector

AV:A/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions WAVLINK WL-WN531AX2 versions prior to 2023526

Description The issue is related to client-side enforcement of server-side security, which may allow an attacker with administrative privilege to execute OS commands with the root privilege. This could potentially enable remote attackers to execute arbitrary commands.

Recommendations For versions prior to 2023526, update the firmware to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78CWE-602CWE-565

Related Identifiers

BDU:2023-03663

CVE-2023-32612

Affected Products

Wavlink Wl-Wn531Ax2

PT-2023-3477 · Wavlink · Wavlink Wl-Wn531Ax2

CVE-2023-32612

Weakness Enumeration

Related Identifiers

Affected Products

References · 8