CVE-2022-40621— WAVLINK Quantum D4G (WN531G3) Pass-The-Hash
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-40621
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WAVLINK Quantum D4G (WN531G3) Pass-The-Hash
Source: NVD (National Vulnerability Database)
Vulnerability Description
Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier communicates over HTTP and not HTTPS, and because the hashing mechanism does not rely on a server-supplied key, it is possible for an attacker with sufficient network access to capture the hashed password of a logged on user and use it in a classic Pass-the-Hash style attack.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用捕获-重放进行的认证绕过
Source: NVD (National Vulnerability Database)
Vulnerability Title
WAVLINK WN531G3 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
WAVLINK WN531G3是中国睿因科技(WAVLINK)公司的一个无线路由器。 WAVLINK WN531G3 固件版本 M31G3.V5030.200325及之前版本存在安全漏洞,该漏洞源于通过 HTTP 而不是 HTTPS 进行通信,并且由于散列机制不依赖于服务器提供的密钥,攻击者利用该漏洞可以捕获登录用户的散列密码并将其用于经典的 Pass-the-Hash 式攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2022-40621
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-40621
请登录查看更多情报信息。
Same Patch Batch · WAVLINK · 2022-09-13 · 3 CVEs total
| CVE-2022-40622 | WAVLINK Quantum D4G (WN531G3) Session Management by IP Address | |
| CVE-2022-40623 | WAVLINK Quantum D4G (WN531G3) CSRF |
IV. Related Vulnerabilities
Same vendor: WAVLINK
- CVE-2026-8230
Wavlink NU516U1 login.cgi sys_login1 os command injection - CVE-2026-8229
Wavlink NU516U1 wireless.cgi WifiBasic os command injection - CVE-2026-8228
Wavlink NU516U1 wireless.cgi advance os command injection - CVE-2026-8227
Wavlink NU516U1 adm.cgi wzdapMesh os command injection - CVE-2026-8192
Wavlink NU516U1 adm.cgi wzdap os command injection
Same weakness: CWE-294
- CVE-2026-41351
OpenClaw < 2026.3.31 - Webhook Replay Detection Bypass via B - CVE-2026-35618
OpenClaw < 2026.3.23 - Replay Identity Drift via Query-Only - CVE-2026-34209
mppx: Tempo has a session close voucher bypass vulnerability - CVE-2026-32987
OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Devic - CVE-2026-27855
Open-Xchange OX Dovecot Pro 安全漏洞
V. Comments for CVE-2022-40621
No comments yet