CVE-2025-5408

🗓️ 01 Jun 2025 21:31:04Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 60 Views🌐 WEB

Critical buffer overflow vulnerability in WAVLINK devices allows remote attacks via login.cgi.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-5408	31 May 202516:46	–	circl
CNNVD	WAVLINK多款产品安全漏洞	1 Jun 202500:00	–	cnnvd
Cvelist	CVE-2025-5408 WAVLINK WL-WN576K1 HTTP POST Request login.cgi sys_login buffer overflow	1 Jun 202521:31	–	cvelist
EUVD	EUVD-2025-16583	3 Oct 202520:07	–	euvd
NVD	CVE-2025-5408	1 Jun 202522:15	–	nvd
Positive Technologies	PT-2025-23435 · Wavlink · Wl-Wn530G3A +5	1 Jun 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-5408	3 Jun 202522:15	–	redhatcve
Vulnrichment	CVE-2025-5408 WAVLINK WL-WN576K1 HTTP POST Request login.cgi sys_login buffer overflow	1 Jun 202521:31	–	vulnrichment

[
  {
    "vendor": "WAVLINK",
    "product": "QUANTUM D2G",
    "versions": [
      {
        "version": "V1410_240222",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP POST Request Handler"
    ]
  },
  {
    "vendor": "WAVLINK",
    "product": "QUANTUM D3G",
    "versions": [
      {
        "version": "V1410_240222",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP POST Request Handler"
    ]
  },
  {
    "vendor": "WAVLINK",
    "product": "WL-WN530G3A",
    "versions": [
      {
        "version": "V1410_240222",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP POST Request Handler"
    ]
  },
  {
    "vendor": "WAVLINK",
    "product": "WL-WN530HG3",
    "versions": [
      {
        "version": "V1410_240222",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP POST Request Handler"
    ]
  },
  {
    "vendor": "WAVLINK",
    "product": "WL-WN532A3",
    "versions": [
      {
        "version": "V1410_240222",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP POST Request Handler"
    ]
  },
  {
    "vendor": "WAVLINK",
    "product": "WL-WN576K1",
    "versions": [
      {
        "version": "V1410_240222",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP POST Request Handler"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/CH13hh/tmp_store_cc/blob/main/wavlink/1.md

Parameter	Position	Path	Description	CWE
login_page	request body	/cgi-bin/login.cgi	Buffer overflow in HTTP POST login.cgi via manipulated login_page parameter leading to potential remote exploitation.	CWE-119, CWE-120

15 Apr 2026 00:35Current

9.6High risk

Vulners AI Score9.6

CVSS 49.3

CVSS 3.19.8

CVSS 210

CVSS 39.8

EPSS0.00668

SSVC