CVE-2022-31847

A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via...

Basic Information

CVE State: PUBLISHED
Reserved Date: May 31, 2022
Published Date: June 14, 2022
Last Updated: August 03, 2024
Vendor: WAVLINK
Product: WN579 X3
Description: A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request.
Tags

CVSS Scores

CVSS v3.1

7.5 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2.0

5.0

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS Score

Score: 29.79% (Percentile: 96.38%) as of 2025-06-20

Exploit Status

Exploited in the Wild: Yes (2025-06-17 00:00:00 UTC) Source

References

https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN579%20X3__Sensitive%20information%20leakage.md

Known Exploited Vulnerability Information

Source	Added Date
The Shadowserver (via CIRCL)	2025-06-18 12:00:31 UTC

Scanner Integrations

Scanner	URL	Date Detected
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-31847.yaml	2025-04-26 00:00:00 UTC

Timeline

CVE ID Reserved

May 31, 2022
CVE Published to Public

June 14, 2022
Detected by Nuclei

April 26, 2025
Added to KEVIntel

June 18, 2025