Lucene search
K

137 matches found

NVD
NVD
added 4 days ago9 views

CVE-2026-13538

A vulnerability was determined in Wavlink WL-NU516U1-A M16U1V240425. The affected element is the function sub401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This manipulation of the argument SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 causes command injection. Remote...

6.5CVSS0.01306EPSS
Exploits0References10
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-13539 Wavlink WL-NU516U1-A POST Parameter wireless.cgi sub_407504 stack-based overflow

A vulnerability was identified in Wavlink WL-NU516U1-A M16U1V240425. The impacted element is the function sub407504 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. Such manipulation of the argument Guestssid leads to stack-based buffer overflow. The attack can be execut...

9CVSS0.00466EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 4 days ago11 views

CVE-2026-13538

A vulnerability was determined in Wavlink WL-NU516U1-A M16U1V240425. The affected element is the function sub401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This manipulation of the argument SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 causes command injection. Remote...

6.5CVSS6.4AI score0.01306EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/05/12 8:20 a.m.12 views

CVE-2026-8228

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlanconf/Channel/skiplist/ieee80211h leads to os command injection. The attack may be launched remotely. The exploit has been...

8.8CVSS6.4AI score0.04807EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/10 6:30 a.m.10 views

EUVD-2026-28977

A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection. Remote exploitation of the attack is possible. The exploit is...

6.5CVSS6.4AI score0.04944EPSS
Exploits1References5
EUVD
EUVD
added 2026/05/10 6:30 a.m.11 views

EUVD-2026-28976

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlanconf/Channel/skiplist/ieee80211h leads to os command injection. The attack may be launched remotely. The exploit has been...

6.5CVSS6.4AI score0.04807EPSS
Exploits1References5
NVD
NVD
added 2026/05/10 5:16 a.m.34 views

CVE-2026-8229

A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection. Remote exploitation of the attack is possible. The exploit is...

8.8CVSS0.04944EPSS
Exploits1References4
NVD
NVD
added 2026/05/10 5:16 a.m.29 views

CVE-2026-8228

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlanconf/Channel/skiplist/ieee80211h leads to os command injection. The attack may be launched remotely. The exploit has been...

8.8CVSS0.04807EPSS
Exploits1References4
CVE
CVE
added 2026/05/10 4:15 a.m.21 views

CVE-2026-8229

CVE-2026-8229 concerns Wavlink NU516U1 (firmware 240425) where the vulnerable element is the function WifiBasic in /cgi-bin/wireless.cgi. An attacker can manipulate the AuthMethod/EncrypType arguments to trigger an os command injection, enabling remote exploitation. Public exploit availability is...

8.8CVSS6.4AI score0.04944EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/10 4:15 a.m.5 views

CVE-2026-8229

A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection. Remote exploitation of the attack is possible. The exploit is...

6.5CVSS6.4AI score0.04944EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/05/10 4:15 a.m.52 views

CVE-2026-8229 Wavlink NU516U1 wireless.cgi WifiBasic os command injection

A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection. Remote exploitation of the attack is possible. The exploit is...

6.5CVSS0.04944EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/10 4:0 a.m.9 views

CVE-2026-8228 Wavlink NU516U1 wireless.cgi advance os command injection

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlanconf/Channel/skiplist/ieee80211h leads to os command injection. The attack may be launched remotely. The exploit has been...

6.5CVSS6.4AI score0.04807EPSS
Exploits1References4
CVE
CVE
added 2026/05/10 4:0 a.m.24 views

CVE-2026-8228

CVE-2026-8228 affects Wavlink NU516U1 240425. The vulnerability is in the function advance of the file /cgi-bin/wireless.cgi . Improper handling of the argument wlan_conf/Channel/skiplist/ieee_80211h allows an attacker to perform an OS command injection remotely. The attack surface is network-exp...

8.8CVSS6.4AI score0.04807EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/08 8:21 p.m.8 views

CVE-2026-41922

WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the wireless.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the sz11gChannel or PIN POST parameters. Attackers can...

9.3CVSS6.6AI score0.04983EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/04 7:4 p.m.9 views

CVE-2026-41922 WDR201A WiFi Extender OS Command Injection via wireless.cgi

WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the wireless.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the sz11gChannel or PIN POST parameters. Attackers can...

9.3CVSS6.6AI score0.04983EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/04 7:4 p.m.42 views

CVE-2026-41922 WDR201A WiFi Extender OS Command Injection via wireless.cgi

WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the wireless.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the sz11gChannel or PIN POST parameters. Attackers can...

9.3CVSS0.04983EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.8 views

PT-2026-36910

Name of the Vulnerable Software and Affected Versions WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 Description An OS command injection issue exists in the 'wireless.cgi' binary. Unauthenticated remote attackers can execute arbitrary shell commands by injecting malicious input into the...

9.3CVSS6AI score0.04983EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/16 3:30 p.m.5 views

EUVD-2026-12192

A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit...

10CVSS7.1AI score0.02103EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.5 views

Wavlink WL-WN578W2 命令注入漏洞

Wavlink WL-WN578W2 is a wireless repeater produced by Wavlink Corporation. The Wavlink WL-WN578W2 version 221110 contains a command injection vulnerability. This vulnerability arises from improper handling of parameters for the functions DeleteMaclist/SetName/GuestWifi in the...

10CVSS7.3AI score0.02057EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/03/15 3:2 a.m.32 views

CVE-2026-4164 Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

10CVSS0.02057EPSS
Exploits0References8
Rows per page
Query Builder