CVE-2022-2488
- Reference to the description:
- Description:
- A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlist_sync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used.
- Last updated date:
- 07/26/2022
Reports
ACTIVELY EXPLOITED
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 11/16/2022
- Reference url to background
https://unit42.paloaltonetworks.com/network-security-trends-update/
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 07/26/2022
- Reference url to background
https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20touchlist_sync.cgi.md