CVE-2022-35538
Published: 10 August 2022
Summary
CVE-2022-35538 is a critical-severity an unspecified weakness vulnerability in Wavlink Wn572Hp3 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 16.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2022-35538 affects the wireless.cgi component in WAVLINK router models WN572HP3, WN533A8, WN530H4, WN535G3, and WN531P3. The page /wifi_mesh.shtml accepts the parameters delete_list, delete_al_mac, b_delete_list, and b_delete_al_mac without any input filtering, resulting in unauthenticated command injection.
An attacker with network access can supply crafted values for these parameters to execute arbitrary commands on the device. The vulnerability carries a CVSS score of 9.8, reflecting full compromise potential across confidentiality, integrity, and availability without requiring authentication or user interaction.
Public references consist of GitHub repositories that document the injection vectors through manual testing but contain no vendor advisories or patch information.
The associated EPSS score rose from low values after the 2022 disclosure to a peak of 0.0876 on 2025-01-22 before receding to the current 0.0187, indicating that exploitation interest increased well after initial publication.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-38425
Vulnerability details
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: delete_list, delete_al_mac, b_delete_list and b_delete_al_mac, which leads to command injection in page /wifi_mesh.shtml.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.