CVE-2022-35533
Published: 10 August 2022
Summary
CVE-2022-35533 is a critical-severity vulnerability (weakness type unspecified) in WAVLINK WN572HP3 firmware. Its CVSS base score is 9.8 (Critical).
Operationally, it is ranked in the top 10.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2022-35533 is a command-injection vulnerability in the qos.cgi component of several WAVLINK wireless router models, specifically WN572HP3, WN533A8, WN530H4, WN535G3, and WN531P3. Unfiltered input supplied to the cli_list and cli_num parameters is passed directly to the operating system when the /qos.shtml page is rendered, allowing arbitrary command execution.
An unauthenticated attacker with network access can submit crafted HTTP requests to the affected CGI endpoint and obtain full control of the device, including the ability to read, modify, or delete data and to pivot further into attached networks. The flaw carries a CVSS 3.1 base score of 9.8, reflecting that it is exploitable remotely without credentials or user interaction.
Public references consist of technical write-ups hosted on GitHub that document the injection vectors but do not describe vendor patches or configuration work-arounds. The associated EPSS score peaked at 0.0876 after disclosure before settling at its current value of 0.0503, indicating a measurable increase in observed exploitation interest following publication.
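Because no vendor patch or work-around is referenced, the practical defender action is to watch for requests that reach qos.cgi with shell metacharacters in the two named parameters. The following is an added detection example, not code from the advisory or from WAVLINK; it assumes the endpoint is served under a path ending in /qos.cgi, that benign values match a simple allowlist of letters, digits and a few punctuation characters, and that the parameters are visible in the request target of a constructed access-log sample.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (not real traffic). The second line
# carries a URL-encoded ';' in cli_list, the kind of unfiltered input the
# advisory says qos.cgi hands to the operating system.
SAMPLE_LOG = """\
192.0.2.10 - - [10/Aug/2022:12:00:01 +0000] "GET /cgi-bin/qos.cgi?cli_list=1&cli_num=1 HTTP/1.1" 200 512
192.0.2.11 - - [10/Aug/2022:12:00:05 +0000] "POST /cgi-bin/qos.cgi?cli_list=1%3Bid&cli_num=1 HTTP/1.1" 200 77
192.0.2.12 - - [10/Aug/2022:12:00:09 +0000] "GET /index.shtml HTTP/1.1" 200 2048
"""

# Combined-log-format prefix: source, timestamp, method, target, status.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
WATCHED_PARAMS = ("cli_list", "cli_num")          # parameters named in the CVE
SAFE_VALUE = re.compile(r"^[A-Za-z0-9_.,:-]*$")   # assumed allowlist for benign values


def suspicious_params(target):
    """Return (name, decoded value) for watched parameters of a qos.cgi
    request whose value contains characters outside the allowlist."""
    parts = urlsplit(target)
    if not parts.path.endswith("/qos.cgi"):
        return []
    query = parse_qs(parts.query, keep_blank_values=True)  # decodes %3B -> ';'
    hits = []
    for name in WATCHED_PARAMS:
        for value in query.get(name, []):
            if not SAFE_VALUE.match(value):
                hits.append((name, value))
    return hits


def scan_log(text):
    """Scan access-log text and report each request that trips the check."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable log line; skip rather than guess
        hits = suspicious_params(m.group("target"))
        if hits:
            findings.append({"src": m.group("src"),
                             "method": m.group("method"),
                             "params": hits})
    return findings
```

Parameters submitted in a POST body are not visible in an access log, so a web proxy or request-body logging in front of the device is needed to apply the same check there.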
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-38420
Vulnerability details
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on the parameters cli_list and cli_num, which leads to command injection in page /qos.shtml.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.