CVE-2022-35535
Published: 10 August 2022
Summary
CVE-2022-35535 is a critical-severity an unspecified weakness vulnerability in Wavlink Wn572Hp3 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 10.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2022-35535 affects multiple WAVLINK wireless router models including WN572HP3, WN533A8, WN530H4, WN535G3, and WN531P3. The root cause is missing input filtering on the macAddr parameter in wireless.cgi, which permits command injection when the /wifi_mesh.shtml page processes extender-addition requests.
Unauthenticated attackers with network access can supply crafted macAddr values to execute arbitrary commands on the device. Successful exploitation yields full control over the affected router, enabling confidentiality, integrity, and availability impacts consistent with the CVSS 9.8 rating.
Public references consist of GitHub technical write-ups that reproduce the injection vector but contain no vendor advisory, firmware patch, or mitigation guidance.
EPSS scores rose from a low baseline to a recorded peak of 0.0876, indicating measurable post-disclosure exploitation interest even though the current value sits at 0.0503.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-38422
Vulnerability details
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifi_mesh.shtml.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.