Sign-up

ID

VAR-202302-0355


CVE

CVE-2022-48166


TITLE

WAVLINK WL-WN530HG4 Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202302-459

DESCRIPTION

An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials

Trust: 0.99

sources: NVD: CVE-2022-48166 // VULMON: CVE-2022-48166

AFFECTED PRODUCTS

vendor:wavlinkmodel:wl-wn530hg4scope:eqversion:m30hg4.v5030.201217

Trust: 1.0

sources: NVD: CVE-2022-48166

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-48166
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202302-459
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-48166
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: CNNVD: CNNVD-202302-459 // NVD: CVE-2022-48166

PROBLEMTYPE DATA

problemtype:CWE-862

Trust: 1.0

sources: NVD: CVE-2022-48166

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202302-459

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202302-459

PATCH

title: - url:https://github.com/Live-Hack-CVE/CVE-2022-48166

Trust: 0.1

sources: VULMON: CVE-2022-48166

EXTERNAL IDS

db:NVDid:CVE-2022-48166

Trust: 1.7

db:CNNVDid:CNNVD-202302-459

Trust: 0.6

db:VULMONid:CVE-2022-48166

Trust: 0.1

sources: VULMON: CVE-2022-48166 // CNNVD: CNNVD-202302-459 // NVD: CVE-2022-48166

REFERENCES

url:https://github.com/strik3r0x1/vulns/blob/main/wavlink%20wn530hg4.md

Trust: 1.7

url:https://docs.google.com/document/d/1zvbuu3hkk3cakojaivluesvthblhjnljdpgoontk-vo/edit?usp=sharing

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-48166

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-48166/

Trust: 0.6

url:https://github.com/live-hack-cve/cve-2022-48166

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2022-48166 // CNNVD: CNNVD-202302-459 // NVD: CVE-2022-48166

SOURCES

db:VULMONid:CVE-2022-48166
db:CNNVDid:CNNVD-202302-459
db:NVDid:CVE-2022-48166

LAST UPDATE DATE

2024-08-14T14:37:04.293000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2022-48166date:2023-02-07T00:00:00
db:CNNVDid:CNNVD-202302-459date:2023-02-15T00:00:00
db:NVDid:CVE-2022-48166date:2023-02-14T20:05:50.467

SOURCES RELEASE DATE

db:VULMONid:CVE-2022-48166date:2023-02-06T00:00:00
db:CNNVDid:CNNVD-202302-459date:2023-02-06T00:00:00
db:NVDid:CVE-2022-48166date:2023-02-06T22:15:09.553