Cyber Resilience

CVE-2022-35519

CriticalPublic PoC

Published: 10 August 2022

Published
10 August 2022
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0503 90.0th percentile
Risk Priority 23 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-35519 is a critical-severity an unspecified weakness vulnerability in Wavlink Wn572Hp3 Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 10.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

CVE-2022-35519 is a command-injection vulnerability affecting the firewall.cgi endpoint on several WAVLINK wireless router models, specifically WN572HP3, WN533A8, WN530H4, WN535G3, and WN531P3. The component fails to sanitize the add_mac parameter before processing requests that render the /cli_black_list.shtml page, allowing arbitrary command execution.

An unauthenticated attacker with network access can submit a crafted HTTP request containing shell metacharacters in the add_mac field. Successful exploitation grants the attacker the ability to execute operating-system commands with the privileges of the web server, resulting in full compromise of confidentiality, integrity, and availability on the device.

The EPSS score for this CVE reached a peak of 0.0876 after disclosure, up from a lower baseline, indicating a measurable increase in observed exploitation interest. Public technical write-ups on GitHub document the injection vector but do not reference vendor patches or official mitigation guidance.

EU & UK References

Vulnerability details

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_mac, which leads to command injection in page /cli_black_list.shtml.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

wavlink
wn572hp3 firmware
all versions
wavlink
wn533a8 firmware
all versions
wavlink
wn530h4 firmware
all versions
wavlink
wn535g3 firmware
all versions
wavlink
wn531p3 firmware
all versions

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References