PT-2026-8303

Name of the Vulnerable Software and Affected Versions Wavlink WL-WN579A3 versions up to 20210219 Description A security flaw exists in Wavlink WL-WN579A3. The issue is due to command injection within the DeleteMac function located in the /cgi-bin/wireless.cgi file. Manipulation of the delete list...

WAVLINK WL-WN579A3 命令注入漏洞

The WAVLINK WL-WN579A3 is a high-performance dual-band wireless network card developed by WAVLINK Corporation. Versions of Wavlink WL-WN579A3 prior to 20210219 contained a command injection vulnerability. This vulnerability stemmed from incorrect operations on the parameter “deletelist” in the...

PT-2026-8302

Name of the Vulnerable Software and Affected Versions Wavlink WL-WN579A3 versions up to 20210219 Description A command injection issue exists in the function Delete Mac list of the file /cgi-bin/wireless.cgi. Manipulation of the delete list argument can lead to command injection. Remote...

WAVLINK WL-WN579A3 命令注入漏洞

WAVLINK WL-WN579A3 is a high-performance dual-band wireless network card developed by WAVLINK Corporation. The Wavlink WL-WN579A3 models released before January 20210219 have a command injection vulnerability. This vulnerability stems from incorrect operations with the parameter “deletelist” in t...

CVE-2022-35534

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter hiddenSSID32g and SSID2G2, which leads to command injection in page /wifimultissid.shtml...

EUVD-2025-29091

Malicious code in bioql PyPI...

EUVD-2025-31149

Malicious code in bioql PyPI...

EUVD-2025-29092

Malicious code in bioql PyPI...

EUVD-2025-31151

Malicious code in bioql PyPI...

CVE-2025-10960

A vulnerability was found in Wavlink NU516U1 M16U1V240425. The impacted element is the function sub402D1C of the file /cgi-bin/wireless.cgi of the component DeleteMac Page. Performing manipulation of the argument deletelist results in command injection. The attack is possible to be carried out...

CVE-2025-10962 Wavlink NU516U1 SetName wireless.cgi sub_403198 command injection

A vulnerability was identified in Wavlink NU516U1 M16U1V240425. This impacts the function sub403198 of the file /cgi-bin/wireless.cgi of the component SetName Page. The manipulation of the argument mac5g leads to command injection. It is possible to initiate the attack remotely. The exploit is...

CVE-2025-10962

The CVE-2025-10962 affects Wavlink NU516U1 M16U1_V240425. The flaw occurs in the SetName Page, function sub_403198, where manipulation of the mac_5g argument in /cgi-bin/wireless.cgi enables remote command injection. Public exploit is available, and the vendor was contacted without response. CVSS...

CVE-2025-10962 Wavlink NU516U1 SetName wireless.cgi sub_403198 command injection

A vulnerability was identified in Wavlink NU516U1 M16U1V240425. This impacts the function sub403198 of the file /cgi-bin/wireless.cgi of the component SetName Page. The manipulation of the argument mac5g leads to command injection. It is possible to initiate the attack remotely. The exploit is...

CVE-2025-10960

A vulnerability was found in Wavlink NU516U1 M16U1V240425. The impacted element is the function sub402D1C of the file /cgi-bin/wireless.cgi of the component DeleteMac Page. Performing manipulation of the argument deletelist results in command injection. The attack is possible to be carried out...

CVE-2025-10961

A vulnerability was determined in Wavlink NU516U1 M16U1V240425. This affects the function sub4030C0 of the file /cgi-bin/wireless.cgi of the component DeleteMaclist Page. Executing manipulation of the argument deletelist can lead to command injection. The vendor was contacted early about this...

CVE-2025-10958

A flaw has been found in Wavlink NU516U1 M16U1V240425. Impacted is the function sub403010 of the file /cgi-bin/wireless.cgi of the component AddMac Page. This manipulation of the argument macAddr causes command injection. Remote exploitation of the attack is possible. The exploit has been publish...

CVE-2025-10958

A flaw has been found in Wavlink NU516U1 M16U1V240425. Impacted is the function sub403010 of the file /cgi-bin/wireless.cgi of the component AddMac Page. This manipulation of the argument macAddr causes command injection. Remote exploitation of the attack is possible. The exploit has been publish...

CVE-2025-10961 Wavlink NU516U1 Delete_Mac_list wireless.cgi sub_4030C0 command injection

A vulnerability was determined in Wavlink NU516U1 M16U1V240425. This affects the function sub4030C0 of the file /cgi-bin/wireless.cgi of the component DeleteMaclist Page. Executing manipulation of the argument deletelist can lead to command injection. The vendor was contacted early about this...

CVE-2025-10961

CVE-2025-10961 affects Wavlink NU516U1 M16U1_V240425. The vulnerability is in the /cgi-bin/wireless.cgi Delete_Mac_list Page, specifically the function sub_4030C0, where manipulation of the delete_list argument can lead to command injection. Multiple connected documents corroborate the affected c...

CVE-2025-10960 Wavlink NU516U1 DeleteMac wireless.cgi sub_402D1C command injection

A vulnerability was found in Wavlink NU516U1 M16U1V240425. The impacted element is the function sub402D1C of the file /cgi-bin/wireless.cgi of the component DeleteMac Page. Performing manipulation of the argument deletelist results in command injection. The attack is possible to be carried out...