CVE-2022-31847

7.5

CVSS
High

PUBLISHED

A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via...

Exploited in the wild Remote Low complexity No user interaction

Vendor: WAVLINK
Product: WN579 X3
Published: Jun 14, 2022
EPSS: —

Description

A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request.

nuclei_scanner

CVSS scores

CVSS v3.1 7.5 High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2.0 5.0

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitation status

Exploited in the wild

Recorded 2025-06-17 00:00:00 UTC · Source

References

https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN579%20X3__Sensitive%20information%20leakage.md

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
The Shadowserver (via CIRCL)	Jun 17, 2025

Scanner integrations

Scanner	Reference	Detected
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-31847.yaml	Apr 25, 2025

Vulnerability detail