GCVE - cpe:2.3:o:wavlink:wn530h4_firmware:m30h4.v5030.190403:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:wavlink:wn530h4_firmware:m30h4.v5030.190403:*:*:*:*:*:*:*

part: o version: m30h4.v5030.190403 update: *

Vendor	Wavlink (`b3b0198b-0ff8-5498-8769-561cf3fe0e3d`)
Product	Wn530H4 Firmware (`ae50c069-885f-5070-ab87-52c4be73438e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-12127`	vulnerable	2026-06-03 14:41:33.450600	Details available An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication. Published: 2020-10-02T08:13:20.000Z Updated: 2024-08-04T11:48:58.455Z Open on db.gcve.eu Reference links https://www.wavlink.com/en_us/product/WL-WN530H4.html https://cerne.xyz/bugs/CVE-2020-12127	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-12126`	vulnerable	2026-06-03 14:41:33.450267	Details available Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint. Published: 2020-10-02T08:12:53.000Z Updated: 2024-08-04T11:48:58.373Z Open on db.gcve.eu Reference links https://www.wavlink.com/en_us/product/WL-WN530H4.html https://cerne.xyz/bugs/CVE-2020-12126	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-12125`	vulnerable	2026-06-03 14:41:33.449934	Details available A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication. Published: 2020-10-02T08:12:23.000Z Updated: 2024-08-04T11:48:58.303Z Open on db.gcve.eu Reference links https://www.wavlink.com/en_us/product/WL-WN530H4.html https://cerne.xyz/bugs/CVE-2020-12125	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-12124`	vulnerable	2026-06-03 14:41:33.449589	Details available A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication. Published: 2020-10-02T08:11:57.000Z Updated: 2024-08-04T11:48:58.323Z Open on db.gcve.eu Reference links https://www.wavlink.com/en_us/product/WL-WN530H4.html https://cerne.xyz/bugs/CVE-2020-12124	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-12123`	vulnerable	2026-06-03 14:41:33.448484	Details available CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to remotely access router endpoints, because these endpoints do not contain CSRF tokens. If a user is authenticated in the router portal, then this attack will work. Published: 2020-10-02T08:11:18.000Z Updated: 2024-08-04T11:48:58.391Z Open on db.gcve.eu Reference links https://www.wavlink.com/en_us/product/WL-WN530H4.html https://cerne.xyz/bugs/CVE-2020-12123	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

WAVLINK WN530H4 Firmware M30H4.V5030.190403

PURL mappings

Vulnerability references

Contribute