Cyber Resilience

CVE-2022-48165

HighPublic PoC

Published: 03 February 2023

Published
03 February 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.8130 99.2th percentile
Risk Priority 64 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-48165 is a high-severity an unspecified weakness vulnerability in Wavlink Wl-Wn530H4 Firmware. Its CVSS base score is 7.5 (High).

Operationally, ranked in the top 0.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

CVE-2022-48165 is an access control vulnerability in the /cgi-bin/ExportLogs.sh component of the Wavlink WL-WN530H4 router running firmware version M30H4.V5030.210121. The flaw permits unauthenticated network access to sensitive files, exposing configuration data and log contents that include administrative credentials. It carries a CVSS 3.1 base score of 7.5 reflecting network attack vector, low complexity, and high confidentiality impact without requiring privileges or user interaction.

An unauthenticated remote attacker can directly request the affected CGI endpoint to retrieve the exported logs and configuration files. Successful exploitation yields administrator usernames and passwords, enabling subsequent authenticated access to the device management interface and full control over router settings, connected clients, and network traffic.

The EPSS score currently stands at 0.8130 with a recorded peak of 0.8210, indicating sustained and elevated exploitation interest since disclosure. No vendor advisory or patch information is referenced in the available sources.

EU & UK References

Vulnerability details

An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

wavlink
wl-wn530h4 firmware
m30h4.v5030.210121

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References