Description
The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 uses IP addresses to hold sessions and does not use session tokens. Therefore, if an attacker changes their IP address to match the logged-in administrator's, or is behind the same NAT as the logged-in administrator, session takeover is possible.
References (1)
Core References
Exploit, Third Party Advisory x_refsource_misc
https://youtu.be/cSileV8YbsQ?t=655
Scores
CVSS v3: 8.8
EPSS: 0.0010
EPSS Percentile: 27.6%
Attack Vector: ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-304, CWE-287
Status: published
Products (1): wavlink/wn531g3_firmware < m31g3.v5030.200325
Published: Sep 13, 2022
Tracked Since: Feb 18, 2026