漏洞描述
WAVLINK WN535是一款双频 4G LTE 智能路由器。WAVLINK WN535 G3 M35G3R.V5030.180927版本存在安全漏洞,该漏洞源于live_check.shtml 中存在漏洞。攻击者利用该漏洞通过执行 exec cmd 函数获取敏感的路由器信息。
WAVLINK WN535 G3 路由器 live_check.shtml 文件信息泄露漏洞(CVE-2022-31845)
PoC代码
暂无相关漏洞推荐
- POC CVE-2020-10973: WAVLINK - Access Control
- POC CVE-2020-12124: WAVLINK WN530H4 live_api.cgi - Command Injection
- POC CVE-2020-12127: WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure
- POC CVE-2021-44260: WAVLINK AC1200 - Information Disclosure
- POC CVE-2022-2486: Wavlink WN535K2/WN535K3 - OS Command Injection
- POC CVE-2022-2487: Wavlink WN535K2/WN535K3 - OS Command Injection
- POC CVE-2022-2488: Wavlink WN535K2/WN535K3 - OS Command Injection
- POC CVE-2022-31845: WAVLINK WN535 G3 - Information Disclosure
- POC CVE-2022-31846: WAVLINK WN535 G3 - Information Disclosure
- POC CVE-2022-31847: WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure
- POC CVE-2022-34045: WAVLINK WN530HG4 - Improper Access Control
- POC CVE-2022-34046: WAVLINK WN533A8 - Improper Access Control
- POC CVE-2022-34047: WAVLINK WN530HG4 - Improper Access Control