Wavlink Security Vulnerabilities (CVEs)
Track 79 security vulnerabilities affecting Wavlink products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This CVE describes a command injection vulnerability in the Wavlink AC3000 router's wireless.cgi AddMac() function. An authenticated attacker can exec...
Jan 14, 2025This vulnerability allows authenticated attackers to execute arbitrary commands on Wavlink AC3000 routers by sending specially crafted HTTP requests t...
Jan 14, 2025This vulnerability allows attackers to log in as root on affected WAVLINK routers using a hardcoded password stored in /etc/shadow. Anyone using WAVLI...
Dec 6, 2024This critical vulnerability allows remote attackers to execute arbitrary commands on affected WAVLINK routers by manipulating the dhcpGateway paramete...
Oct 27, 2024This critical vulnerability allows remote attackers to execute arbitrary commands on affected WAVLINK routers by injecting malicious input into the DD...
Oct 20, 2024A critical stack-based buffer overflow vulnerability in WAVLINK routers allows attackers to execute arbitrary code by manipulating the wlanUrl paramet...
Oct 20, 2024This CVE describes a command injection vulnerability in WAVLINK WN551K1 routers where attackers can execute arbitrary commands via the IP parameter in...
Jun 24, 2024This CVE describes a command injection vulnerability in WAVLINK WN551K1 routers through the start_hour parameter of the nightled.cgi script. Attackers...
Jun 24, 2024This vulnerability allows remote attackers to execute arbitrary code on Wavlink WL_WNJ575A3 routers by exploiting improper input validation in the use...
Aug 15, 2023This vulnerability allows attackers with administrative access to execute arbitrary operating system commands with root privileges on affected WavLink...
Jun 30, 2023This vulnerability in WL-WN531AX2 routers allows attackers with administrative access to upload arbitrary files and execute operating system commands ...
Jun 30, 2023This vulnerability allows attackers to force a factory reset on WavLink WavRouter devices via a crafted payload sent to the /cgi-bin/adm.cgi endpoint....
Jun 22, 2023This vulnerability in Wavlink WL-WN530HG4 routers allows unauthenticated attackers to download configuration files and log files containing admin cred...
Feb 6, 2023This vulnerability allows unauthenticated attackers to access the ExportLogs.sh script on Wavlink WL-WN533A8 routers, enabling them to download config...
Feb 6, 2023This vulnerability in WAVLINK WN579 X3 routers allows attackers to access sensitive key information by visiting the messages.txt page without authenti...
Jul 25, 2022This vulnerability allows attackers to execute arbitrary code on WAVLINK WN535 G3 routers by sending a specially crafted POST request to the /cgi-bin/...
Jul 25, 2022This vulnerability allows unauthenticated attackers to execute arbitrary code on WAVLINK WN535 G3 routers by sending a specially crafted POST request ...
Jul 25, 2022This vulnerability involves a hardcoded encryption key in Wavlink routers that allows attackers to decrypt configuration files and potentially gain ad...
Jul 20, 2022This vulnerability allows unauthenticated attackers to access sensitive configuration files on Wavlink WN530HG4 routers, exposing administrator userna...
Jul 20, 2022This critical vulnerability allows remote attackers to execute arbitrary operating system commands on affected WAVLINK routers by manipulating the 'ke...
Jul 20, 2022This CVE-2022-2488 is a critical OS command injection vulnerability in WAVLINK WN535K2 and WN535K3 routers. Attackers can execute arbitrary commands o...
Jul 20, 2022This vulnerability allows remote attackers to execute arbitrary commands on Wavlink WL-WN575A3 routers via a crafted POST request to the obtw function...
Jul 7, 2022This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands on WAVLINK AERIAL X 1200M routers by sending specia...
Jun 14, 2022This vulnerability in WAVLINK WN535 G3 routers allows attackers to execute commands via the live_mfg.shtml endpoint, potentially exposing sensitive ro...
Jun 14, 2022This vulnerability in WAVLINK AERIAL X 1200M routers allows attackers to execute commands via the live_mfg.shtml page, exposing sensitive router infor...
Jun 14, 2022This CVE describes a command injection vulnerability in the Wavlink WL-WN531P3 router's API that allows remote attackers to execute arbitrary commands...
Apr 7, 2022This vulnerability allows remote attackers to access the 'wx.html' page on WAVLINK AC1200 routers without authentication, granting them friend-level a...
Mar 17, 2022This vulnerability allows unauthenticated remote attackers to execute arbitrary Linux commands as root on affected WAVLINK routers. Attackers can gain...
Oct 2, 2020This CVE describes multiple authentication bypass vulnerabilities in the WAVLINK WN530H4 router's /cgi-bin/ endpoint. Attackers can access router sett...
Oct 2, 2020Why Monitor Wavlink Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 79+ known vulnerabilities affecting Wavlink products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Wavlink packages in under 60 seconds. No agents required - completely agentless scanning that works across Wavlink deployments.
Free vulnerability database: Access detailed information about every Wavlink CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Wavlink CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
