CVE-2026-2529

A security flaw has been discovered in Wavlink WL-WN579A3 up to 20210219. Affected by this issue is the function DeleteMac of the file /cgi-bin/wireless.cgi. The manipulation of the argument deletelist results in command injection. The attack can be executed remotely. The vendor was contacted ear...

CVE-2026-2529

A security flaw has been discovered in Wavlink WL-WN579A3 up to 20210219. Affected by this issue is the function DeleteMac of the file /cgi-bin/wireless.cgi. The manipulation of the argument deletelist results in command injection. The attack can be executed remotely. The vendor was contacted ear...

CVE-2026-2529

Wavlink WL-WN579A3 is affected by CVE-2026-2529 in the DeleteMac function of /cgi-bin/wireless.cgi. The delete_list argument can be manipulated to trigger command injection, enabling remote code execution. Affected firmware is listed as up to 20210219. Public sources consistently describe remote ...

PT-2026-8303

Name of the Vulnerable Software and Affected Versions Wavlink WL-WN579A3 versions up to 20210219 Description A security flaw exists in Wavlink WL-WN579A3. The issue is due to command injection within the DeleteMac function located in the /cgi-bin/wireless.cgi file. Manipulation of the delete list...

WAVLINK WL-WN579A3 命令注入漏洞

WAVLINK WL-WN579A3 is a high-performance dual-band wireless network card developed by WAVLINK Corporation. The Wavlink WL-WN579A3 models released before January 20210219 have a command injection vulnerability. This vulnerability stems from incorrect operations with the parameter “deletelist” in t...

CVE-2025-10960

A vulnerability was found in Wavlink NU516U1 M16U1V240425. The impacted element is the function sub402D1C of the file /cgi-bin/wireless.cgi of the component DeleteMac Page. Performing manipulation of the argument deletelist results in command injection. The attack is possible to be carried out...

CVE-2025-10960

A vulnerability was found in Wavlink NU516U1 M16U1V240425. The impacted element is the function sub402D1C of the file /cgi-bin/wireless.cgi of the component DeleteMac Page. Performing manipulation of the argument deletelist results in command injection. The attack is possible to be carried out...

CVE-2025-10960 Wavlink NU516U1 DeleteMac wireless.cgi sub_402D1C command injection

A vulnerability was found in Wavlink NU516U1 M16U1V240425. The impacted element is the function sub402D1C of the file /cgi-bin/wireless.cgi of the component DeleteMac Page. Performing manipulation of the argument deletelist results in command injection. The attack is possible to be carried out...

CVE-2025-10960 Wavlink NU516U1 DeleteMac wireless.cgi sub_402D1C command injection

A vulnerability was found in Wavlink NU516U1 M16U1V240425. The impacted element is the function sub402D1C of the file /cgi-bin/wireless.cgi of the component DeleteMac Page. Performing manipulation of the argument deletelist results in command injection. The attack is possible to be carried out...

CVE-2024-39359

A stack-based buffer overflow vulnerability exists in the wireless.cgi DeleteMac functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

PT-2025-2540 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A stack-based buffer overflow vulnerability exists in the DeleteMac function of wireless.cgi. This issue can be triggered by a specially crafted HTTP request, potentially leading to...

WAVLINK AC3000 安全漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a buffer overflow vulnerability that originates from the wireless.cgi DeleteMac function failing to properly validate the length of input data, which can be exploited by an attacker to execute arbitrary...