admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 18:27:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create CVE-2022-2486.md

Browse Source
This commit is contained in:
之乎者也 2023-04-07 11:47:18 +08:00 committed by GitHub
parent df110f880a
commit 46bee00ce8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CVE-2022-2486.md Normal file
View File

@ -0,0 +1,12 @@
## wavlink mesh.cgi command execution (CVE-2022-2486)
| **Vulnerability** | **wavlink mesh.cgi command execution (CVE-2022-2486)** |
| :----: | :-----|
| **Chinese name** | wavlink mesh.cgi命令执行漏洞CVE-2022-2486 |
| **CVSS core** | 9.8 |
| **FOFA Query** (click to view the results directly)| [body="firstFlage"](https://fofa.info/result?qbase64=Ym9keT0iZmlyc3RGbGFnZSI%3D) |
| **Number of assets affected** | 3078 |
| **Description** | WAVLINK is a router developed by China Ruiyin Technology (WAVLINK) company. The system mesh.cgi file has a command execution vulnerability, and attackers can obtain server privileges through this vulnerability. Including models WN530HG4, WN531G3, WN572HG3, WN535G3, WN575A4, etc. |
| **Impact** | Attackers can use this vulnerability to execute system commands to gain server privileges. |
![](https://s3.bmp.ovh/imgs/2023/04/07/a53061701522ba0d.gif)