CVE-2023-32613

Exposure of resource to wrong sphere issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow a network-adjacent attacker to use functions originally available after login without logging in.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
jpcertCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
VendorProductVersion
wavlinkwl-wn531ax2_firmware
𝑥
< 2023526
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://jvn.jp/en/jp/JVN78634340/
https://www.wavlink.com/en_us/firmware/details/932108ffc5.html
https://jvn.jp/en/jp/JVN78634340/
https://www.wavlink.com/en_us/firmware/details/932108ffc5.html