Browse all 128 CVE security advisories affecting Wavlink. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WAVLINK operates primarily as a manufacturer of consumer networking hardware, specializing in Wi-Fi routers, range extenders, and USB adapters for home and small office environments. Security audits have identified a significant volume of vulnerabilities within its firmware ecosystem, with 119 Common Vulnerabilities and Exposures currently recorded. These flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation issues, often stemming from inadequate input validation and weak authentication mechanisms in web management interfaces. While the company has not been the subject of a singular, widely publicized catastrophic breach comparable to major IoT botnets, the sheer number of disclosed CVEs indicates systemic weaknesses in its secure development lifecycle. Many of these vulnerabilities allow unauthenticated attackers to gain administrative control or execute arbitrary commands, posing substantial risks to user privacy and network integrity.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-10193 | WAVLINK WN530H4/WN530HG4/WN572HG3 internet.cgi ping_ddns command injection — WN530H4CWE-77 | 4.7 | Medium | 2024-10-20 |
| CVE-2023-3380 | Wavlink WN579X3 Ping Test adm.cgi injection — WN579X3CWE-74 | 4.7 | Medium | 2023-06-23 |
| CVE-2022-40623 | WAVLINK Quantum D4G (WN531G3) CSRF — WN531G3CWE-352 | 8.8 | - | 2022-09-13 |
| CVE-2022-40622 | WAVLINK Quantum D4G (WN531G3) Session Management by IP Address — WN531G3CWE-304 | 8.8 | - | 2022-09-13 |
| CVE-2022-40621 | WAVLINK Quantum D4G (WN531G3) Pass-The-Hash — WN531G3CWE-294 | 8.1 | - | 2022-09-13 |
| CVE-2022-2488 | WAVLINK WN535K2/WN535K3 touchlist_sync.cgi os command injection — WN535K2CWE-78 | 8.0 | High | 2022-07-20 |
| CVE-2022-2487 | WAVLINK WN535K2/WN535K3 nightled.cgi os command injection — WN535K2CWE-78 | 8.0 | High | 2022-07-20 |
| CVE-2022-2486 | WAVLINK WN535K2/WN535K3 os command injection — WN535K2CWE-78 | 8.0 | High | 2022-07-20 |
This page lists every published CVE security advisory associated with Wavlink. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.