CVE-2022-35522
Published: 10 August 2022
Summary
CVE-2022-35522 is a critical-severity an unspecified weakness vulnerability in Wavlink Wn572Hp3 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 10.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2022-35522 is a command-injection vulnerability affecting the adm.cgi endpoint on WAVLINK router models WN572HP3, WN533A8, WN530H4, WN535G3, and WN531P3. The component fails to sanitize the parameters ppp_username, ppp_passwd, rwan_gateway, rwan_mask, and rwan_ip when they are processed by the /wan.shtml page, allowing arbitrary command execution.
An unauthenticated remote attacker can supply crafted values for these parameters over the network and obtain command execution with full privileges on the device, resulting in complete compromise of confidentiality, integrity, and availability.
The EPSS score for this CVE rose from a low baseline to a recorded peak of 0.0876 (current value 0.0503), indicating increased exploitation interest after public disclosure. Public references consist of technical write-ups that reproduce the injection on the affected WAN configuration page.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-38409
Vulnerability details
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp_passwd, rwan_gateway, rwan_mask and rwan_ip, which leads to command injection in page /wan.shtml.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.