{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T00:10:18.803","vulnerabilities":[{"cve":{"id":"CVE-2022-40622","sourceIdentifier":"cve@rapid7.com","published":"2022-09-13T21:15:10.197","lastModified":"2024-11-21T07:21:43.800","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 uses IP addresses to hold sessions and does not not use session tokens. Therefore, if an attacker changes their IP address to match the logged-in administrator's, or is behind the same NAT as the logged in administrator, session takeover is possible."},{"lang":"es","value":"El WAVLINK Quantum D4G (WN531G3) ejecutando la versión de firmware M31G3.V5030.200325, usa direcciones IP para mantener las sesiones y no usa tokens de sesión. Por lo tanto, si un atacante cambia su dirección IP para que coincida con la del administrador que ha iniciado la sesión, o está detrás del mismo NAT que el administrador que ha iniciado la sesión, es posible una toma de control de sesión"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"cve@rapid7.com","type":"Secondary","description":[{"lang":"en","value":"CWE-304"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:wavlink:wn531g3_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"m31g3.v5030.200325","matchCriteriaId":"B8E4F42B-0D2E-4D51-A8C7-37C5D95ECB2C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:wavlink:wn531g3:-:*:*:*:*:*:*:*","matchCriteriaId":"3AE2AAA4-71D2-4B70-81FB-836F1A419DBC"}]}]}],"references":[{"url":"https://youtu.be/cSileV8YbsQ?t=655","source":"cve@rapid7.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://youtu.be/cSileV8YbsQ?t=655","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}