CVE-2022-40623

CVE-2022-40623: WAVLINK Quantum D4G (WN531G3) CSRF

Vendor Wavlink
Product WN531G3
Weakness CWE-352 · CSRF
Published September 13, 2022
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues (such as CVE-2022-35518), can lead to remote, unauthenticated command execution.

Key dates

02Disclosure timeline

September 13, 2022 CVE published
September 17, 2024 Record updated