CVE-2022-35526
Published: 10 August 2022
Summary
CVE-2022-35526 is a critical-severity vulnerability, with no specific weakness type assigned, in WAVLINK WN572HP3 firmware. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 10.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Deeper analysis
CVE-2022-35526 affects multiple WAVLINK router models including WN572HP3, WN533A8, WN530H4, WN535G3, and WN531P3. The flaw resides in login.cgi, which performs no input filtering on the key parameter and thereby permits command injection when the /login.shtml page is accessed.
An unauthenticated attacker can reach the device over the network and supply a crafted key value to execute arbitrary commands. Successful exploitation grants full control of the device, allowing arbitrary code execution with impacts across confidentiality, integrity, and availability.
Public references consist of technical write-ups hosted on GitHub that document the injection vector; no vendor advisory or firmware patch information is referenced in the available sources.
The associated EPSS score rose from a low baseline to a recorded peak of 0.0876, indicating measurable post-disclosure interest in exploitation attempts.
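The injection point described above, turned into a log check: this is an added example, not code from the vendor or the referenced write-ups, that flags login.cgi requests whose key value contains shell metacharacters, including double-encoded ones. The log layout, the /cgi-bin/ path prefix and all sample values are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Characters a shell treats specially; none belongs in a login key value.
SHELL_META = re.compile(r"[;&|`$<>(){}\\'\"\s]")

# Constructed records: "<client> <method> <url> <form body or ->" (layout is an assumption).
SAMPLE_LOG = """\
192.0.2.10 POST /cgi-bin/login.cgi key=Passw0rd-example
198.51.100.7 POST /cgi-bin/login.cgi key=a%3Bb
198.51.100.7 GET /cgi-bin/login.cgi?key=%24(a) -
192.0.2.10 GET /login.shtml -
203.0.113.5 POST /cgi-bin/login.cgi key=a%2560b
"""

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so double-encoded input is inspected too."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def key_values(url, body):
    """Yield every `key` value sent to login.cgi, from query string or body."""
    parts = urlsplit(url)
    if parts.path.rsplit("/", 1)[-1].lower() != "login.cgi":
        return
    for raw in (parts.query, "" if body == "-" else body):
        for name, value in parse_qsl(raw, keep_blank_values=True):
            if name == "key":
                yield fully_decode(value)

def suspicious_requests(log_text):
    """Return (client, decoded key) for requests whose key has shell metacharacters."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split(maxsplit=3)
        if len(fields) != 4:
            continue
        client, _method, url, body = fields
        hits += [(client, v) for v in key_values(url, body) if SHELL_META.search(v)]
    return hits

if __name__ == "__main__":
    for client, value in suspicious_requests(SAMPLE_LOG):
        print(f"ALERT {client} login.cgi key={value!r}")
```

The character class is deliberately strict, so a legitimate password containing one of these characters will also be flagged and needs triage by source address and request volume.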
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-38413
Vulnerability details
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.