CVE-2023-3380
Published: 23 June 2023
Summary
CVE-2023-3380 is a medium-severity Injection (CWE-74) vulnerability in Wavlink Wn579X3 Firmware. Its CVSS base score is 4.7 (Medium).
Operationally, ranked in the top 0.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
A critical injection vulnerability (CWE-74) affects the Ping Test feature in Wavlink WN579X3 devices running firmware up to 20230615. The flaw resides in the /cgi-bin/adm.cgi endpoint, where unsanitized input to the pingIp parameter allows arbitrary command injection. The issue is remotely reachable and carries a CVSS 3.1 score of 4.7.
An authenticated administrator can supply crafted values to the pingIp argument and execute injected commands on the device. Successful exploitation yields limited but direct control over confidentiality, integrity, and availability of the affected router. The vendor did not respond to disclosure, and a working proof-of-concept has been published.
Public references, including a detailed report on GitHub and entries in VulDB, confirm the absence of an official patch or mitigation guidance. The EPSS score stands at 0.8028 with no subsequent rise, indicating steady but not accelerating exploitation interest since publication.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-44047
Vulnerability details
A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible…
more
to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-232236. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Developer assessments and testing (including injection-focused techniques) identify improper neutralization of special elements, and the verifiable flaw remediation corrects them pre-deployment.
Identifies indicators of injection attacks (command, SQL, LDAP, etc.) via anomaly and attack monitoring.