Lucene search
K

87 matches found

Nuclei
Nuclei
added 10 hours ago22 views

WAVLINK WN530HG4 - Improper Access Control

Wavlink WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. An attacker can download log files and configuration data via Exportlogs.sh and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2022-34049 info: name: WAVLINK WN530H...

5.3CVSS6.2AI score0.02176EPSS
Exploits1References5
EUVD
EUVD
added 2026/05/03 11:0 a.m.7 views

EUVD-2026-26831

A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. The affected element is the function pingddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument DDNS results in command injection. The attack can be initiated remotely. The exploit is now public and may ...

6.5CVSS6.4AI score0.03191EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/03 9:45 a.m.4 views

CVE-2026-7690

A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...

6.5CVSS6.4AI score0.04971EPSS
Exploits1References4
EUVD
EUVD
added 2026/04/19 6:31 a.m.5 views

EUVD-2026-23682

A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended...

5.3CVSS4.5AI score0.00265EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.10 views

PT-2026-33435

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

8.6CVSS5.5AI score0.14131EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.4 views

CVE-2026-4166

A vulnerability was found in Wavlink WL-NU516U1 240425. The impacted element is the function sub404F68 of the file /cgi-bin/login.cgi. The manipulation of the argument homepage/hostname results in cross site scripting. The attack can be launched remotely. The exploit has been made public and coul...

5.1CVSS4.1AI score0.00203EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:58 p.m.3 views

CVE-2026-4164

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

10CVSS6.9AI score0.02057EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/22 12:32 p.m.4 views

EUVD-2026-14297

A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unknown function of the file /cgi-bin/login.cgi of the component POST Request Handler. Executing a manipulation of the argument homepage/hostname/loginpage can lead to cross site scripting. It is possible to launch the...

4.8CVSS4.1AI score0.0026EPSS
Exploits1References8
EUVD
EUVD
added 2026/03/22 12:32 p.m.4 views

EUVD-2026-14295

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is an unknown function of the file /cgi-bin/firewall.cgi of the component POST Request Handler. Performing a manipulation of the argument dmzflag/delflag results in command injection. It is possible to initiate the attac...

6.5CVSS5.5AI score0.03379EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/03/15 5:32 a.m.3 views

CVE-2026-4166 Wavlink WL-NU516U1 login.cgi sub_404F68 cross site scripting

A vulnerability was found in Wavlink WL-NU516U1 240425. The impacted element is the function sub404F68 of the file /cgi-bin/login.cgi. The manipulation of the argument homepage/hostname results in cross site scripting. The attack can be launched remotely. The exploit has been made public and coul...

5.1CVSS4.1AI score0.00203EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/15 12:0 a.m.4 views

PT-2026-25538

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function Delete Mac list/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit...

10CVSS5.5AI score0.02057EPSS
Exploits0References14
EUVD
EUVD
added 2026/03/08 9:30 a.m.6 views

EUVD-2026-10221

A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub40139C of the file /cgi-bin/firewall.cgi. Performing a manipulation of the argument delflag results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made publ...

9CVSS7.7AI score0.00655EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/03/08 7:2 a.m.36 views

CVE-2026-3716 Wavlink WL-WN579X3-C adm.cgi sub_401AD4 cross site scripting

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This vulnerability affects the function sub401AD4 of the file /cgi-bin/adm.cgi. Executing a manipulation of the argument Hostname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

4.8CVSS0.00228EPSS
Exploits1References5
NVD
NVD
added 2026/03/06 1:15 a.m.11 views

CVE-2026-3612

A vulnerability was determined in Wavlink WL-NU516U1 V240425. This affects the function sub405AF4 of the file /cgi-bin/adm.cgi of the component OTA Online Upgrade. This manipulation of the argument firmwareurl causes command injection. It is possible to initiate the attack remotely. The exploit h...

8.6CVSS0.0946EPSS
Exploits1References4
NVD
NVD
added 2026/02/16 6:19 p.m.7 views

CVE-2026-2567

A vulnerability was detected in Wavlink WL-NU516U1 20251208. This vulnerability affects the function sub401218 of the file /cgi-bin/nas.cgi. Performing a manipulation of the argument User1Passwd results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now publi...

8.6CVSS0.00662EPSS
Exploits1References4
EUVD
EUVD
added 2026/02/16 3:30 a.m.7 views

EUVD-2026-6135

A vulnerability was found in Wavlink WL-WN579A3 up to 20210219. This impacts the function multissid of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument SSID2G2 results in command injection. The attack may be initiated remotely. The exploit has been made public and could b...

8.8CVSS5.4AI score0.06533EPSS
Exploits1References5
CVE
CVE
added 2026/02/16 2:32 a.m.19 views

CVE-2026-2530

Summary: CVE-2026-2530 affects the Wavlink WL-WN579A3 router family (versions up to 20210219). The vulnerability resides in the AddMac function of /cgi-bin/wireless.cgi, where manipulating the macAddr argument enables remote command injection. The exploit has been publicly released, and multiple ...

8.8CVSS6.3AI score0.06533EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/16 1:32 a.m.7 views

CVE-2026-2527

A vulnerability was determined in Wavlink WL-WN579A3 up to 20210219. Affected is an unknown function of the file /cgi-bin/login.cgi. Executing a manipulation of the argument key can lead to command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be...

6.5CVSS5.4AI score0.0674EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:53 a.m.3 views

CVE-2022-23900

A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3.V5030.201204, allows an attacker to achieve unauthorized remote code execution via a malicious POST request through /cgi-bin/adm.cgi...

9.8CVSS8.2AI score0.03566EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.7 views

CVE-2022-31845

A vulnerability in livecheck.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function...

7.5CVSS6.5AI score0.08364EPSS
Exploits1References1
Rows per page
Query Builder