CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

134 matches found

RedhatCVE•added 2026/05/12 8:20 a.m.•7 views

CVE-2026-8228

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlanconf/Channel/skiplist/ieee80211h leads to os command injection. The attack may be launched remotely. The exploit has been...

8.8CVSS6.4AI score0.00435EPSS

Exploits1References1

EUVD•added 2026/05/10 6:30 a.m.•6 views

EUVD-2026-28976

6.5CVSS6.4AI score0.00435EPSS

Exploits1References5

EUVD•added 2026/05/10 6:30 a.m.•7 views

EUVD-2026-28977

A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection. Remote exploitation of the attack is possible. The exploit is...

6.5CVSS6.4AI score0.00435EPSS

Exploits1References5

NVD•added 2026/05/10 5:16 a.m.•11 views

CVE-2026-8228

8.8CVSS0.00435EPSS

Exploits1References4

NVD•added 2026/05/10 5:16 a.m.•10 views

CVE-2026-8229

8.8CVSS0.00435EPSS

Exploits1References4

Cvelist•added 2026/05/10 4:15 a.m.•36 views

CVE-2026-8229 Wavlink NU516U1 wireless.cgi WifiBasic os command injection

6.5CVSS0.00435EPSS

Exploits1References4

CVE•added 2026/05/10 4:15 a.m.•14 views

CVE-2026-8229

CVE-2026-8229 concerns Wavlink NU516U1 (firmware 240425) where the vulnerable element is the function WifiBasic in /cgi-bin/wireless.cgi. An attacker can manipulate the AuthMethod/EncrypType arguments to trigger an os command injection, enabling remote exploitation. Public exploit availability is...

8.8CVSS6.4AI score0.00435EPSS

Exploits1References4Affected Software1

ATTACKERKB•added 2026/05/10 4:15 a.m.•2 views

CVE-2026-8229

6.5CVSS6.4AI score0.00435EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2026/05/10 4:0 a.m.•5 views

CVE-2026-8228 Wavlink NU516U1 wireless.cgi advance os command injection

6.5CVSS6.4AI score0.00435EPSS

Exploits1References4

CVE•added 2026/05/10 4:0 a.m.•16 views

CVE-2026-8228

CVE-2026-8228 affects Wavlink NU516U1 240425. The vulnerability is in the function advance of the file /cgi-bin/wireless.cgi . Improper handling of the argument wlan_conf/Channel/skiplist/ieee_80211h allows an attacker to perform an OS command injection remotely. The attack surface is network-exp...

8.8CVSS6.4AI score0.00435EPSS

Exploits1References4Affected Software1

RedhatCVE•added 2026/05/08 8:21 p.m.•5 views

CVE-2026-41922

WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the wireless.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the sz11gChannel or PIN POST parameters. Attackers can...

9.3CVSS6.6AI score0.01322EPSS

Exploits0References1

Vulnrichment•added 2026/05/04 7:4 p.m.•7 views

CVE-2026-41922 WDR201A WiFi Extender OS Command Injection via wireless.cgi

9.3CVSS6.6AI score0.01322EPSS

Exploits0References3

Cvelist•added 2026/05/04 7:4 p.m.•30 views

CVE-2026-41922 WDR201A WiFi Extender OS Command Injection via wireless.cgi

9.3CVSS0.01322EPSS

Exploits0References3

Positive Technologies•added 2026/05/04 12:0 a.m.•3 views

PT-2026-36910

Name of the Vulnerable Software and Affected Versions WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 Description An OS command injection issue exists in the 'wireless.cgi' binary. Unauthenticated remote attackers can execute arbitrary shell commands by injecting malicious input into the...

9.3CVSS6AI score0.01322EPSS

Exploits0References6

EUVD•added 2026/03/16 3:30 p.m.•3 views

EUVD-2026-12192

A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit...

10CVSS7.1AI score0.00231EPSS

Exploits0References8

CNNVD•added 2026/03/16 12:0 a.m.•2 views

Wavlink WL-WN578W2 命令注入漏洞

Wavlink WL-WN578W2 is a wireless repeater produced by Wavlink Corporation. The Wavlink WL-WN578W2 version 221110 contains a command injection vulnerability. This vulnerability arises from improper handling of parameters for the functions DeleteMaclist/SetName/GuestWifi in the...

10CVSS7.3AI score0.0024EPSS

Exploits0References8

Cvelist•added 2026/03/15 3:2 a.m.•29 views

CVE-2026-4164 Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

10CVSS0.0024EPSS

Exploits0References8

Positive Technologies•added 2026/03/15 12:0 a.m.•1 views

PT-2026-25538

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function Delete Mac list/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit...

10CVSS5.5AI score0.0024EPSS

Exploits0References14

Vulnrichment•added 2026/03/14 10:32 p.m.•1 views

CVE-2026-4163 Wavlink WL-WN579A3 POST Request wireless.cgi GuestWifi command injection

10CVSS5.7AI score0.00231EPSS

Exploits0References7

Cvelist•added 2026/03/14 10:32 p.m.•29 views

CVE-2026-4163 Wavlink WL-WN579A3 POST Request wireless.cgi GuestWifi command injection

10CVSS0.00231EPSS

Exploits0References7

Rows per page