54 matches found
CVE-2026-6483
A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...
CVE-2026-41923
WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the internet.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the gateway POST parameter. Attackers can exploit...
CVE-2026-41923 WDR201A WiFi Extender OS Command Injection via internet.cgi
WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the internet.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the gateway POST parameter. Attackers can exploit...
PT-2026-36911
Name of the Vulnerable Software and Affected Versions WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 Description An OS command injection issue exists in the 'internet.cgi' binary. Unauthenticated remote attackers can execute arbitrary shell commands by injecting malicious input into the...
EUVD-2026-23403
A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...
CVE-2026-6483
A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...
CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection
A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...
CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection
A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...
CVE-2026-6483
A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...
WAVLINK WL-WN530H4 安全漏洞
The WAVLINK WL-WN530H4 is a high-performance USB wireless network card from the WAVLINK company. It supports 802.11ac dual-band Wi-Fi. The Wavlink WL-WN530H4 version 20220721 has a security vulnerability. This vulnerability stems from the use of os command injection in the function strcat/snprint...
PT-2026-33435
A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...
EUVD-2024-38394
Malicious code in bioql PyPI...
EUVD-2024-38359
Malicious code in bioql PyPI...
The vulnerability of the ping_ddns() function in the internet.cgi scenario of the Wavlink WN530H4, WN530HG4, and WN572HG3 routers allows attackers to execute arbitrary commands.
The vulnerability of the pingddns function in the internet.cgi scenario of the Wavlink WN530H4, WN530HG4, and WN572HG3 routers is related to the lack of data cleaning at the management level when processing DDNS parameters. Exploiting this vulnerability allows a remote attacker to execute arbitra...
The vulnerability of the set_qos() function in the internet.cgi script of the Wavlink AC3000 router microprogramming system allows a hacker to execute arbitrary commands.
The vulnerability of the setqos function in the internet.cgi script of the Wavlink AC3000 WL-WN533A8 router microprogramming system is related to the escape of operations from the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending...
WAVLINK AC3000 internet.cgi set_add_routing function's gateway parameter command injection vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the failure of the gateway parameter of the internet.cgi setaddrouting function to correctly filter the construct command...
WAVLINK AC3000 internet.cgi set_add_routing function netmask parameter command injection vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the netmask parameter of the internet.cgi setaddrouting function failing to correctly filter constructed command special...
WAVLINK AC3000 internet.cgi set_qos function cli_name parameter buffer overflow vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the cliname parameter of the internet.cgi setqos function that fails to correctly validate the length of the input data, an...
WAVLINK AC3000 internet.cgi set_qos function buffer overflow vulnerability in cli_mac parameter
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the climac parameter of the internet.cgi setqos function that fails to correctly validate the length and size of the input...
WAVLINK AC3000 internet.cgi set_add_routing function buffer overflow vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the internet.cgi setaddrouting function failing to correctly validate the length of the input data, and can be exploited by...