CVE-2022-40623
CVSS 8.8 - HIGH
Description
The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues (such as CVE-2022-35518), can lead to remote, unauthenticated command execution.
Affected Products
2| Vendor | Product | Version |
|---|---|---|
| wavlink | wn531g3_firmware |
All versions
|
| wavlink | wn531g3 |
-
|
Weakness Types
CWE-352
CWE-352
CVE Information
- CVE ID:
CVE-2022-40623- Published:
- 2022-09-13
- Modified:
- 2024-11-21
- CVSS Score:
- 8.8
- Severity:
- HIGH
- Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Vendors
wavlink
Quick Actions
CVSS Severity Scale
0.0 - 3.9
LOW
4.0 - 6.9
MEDIUM
7.0 - 8.9
HIGH
9.0 - 10.0
CRITICAL