Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

RedhatCVE
RedhatCVEadded 2026/05/11 8:27 p.m.9 views

CVE-2026-8192

A security flaw has been discovered in Wavlink NU516U1 M16U1V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wlPass is directly passed by the attacker/so we can control the EncrypType/wlPass results in os...

8.8CVSS6.4AI score0.04844EPSS
Exploits1References1
NVD
NVDadded 2026/05/10 5:16 a.m.14 views

CVE-2026-8227

A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. T...

8.8CVSS0.04944EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2026/05/10 12:0 a.m.8 views

PT-2026-39453

A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. T...

6.5CVSS6.4AI score0.04944EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2026/05/04 8:21 p.m.5 views

CVE-2026-7690

A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...

9.8CVSS6.4AI score0.04971EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/03/08 7:46 p.m.4 views

CVE-2026-3661

A flaw has been found in Wavlink WL-NU516U1 240425. This affects the function otanewupgrade of the file /cgi-bin/adm.cgi. This manipulation of the argument model causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor wa...

7.2CVSS5.6AI score0.10863EPSS
Exploits1References1
CVE
CVEadded 2026/03/07 1:32 p.m.11 views

CVE-2026-3662

CVE-2026-3662 affects Wavlink WL-NU516U1 240425; vulnerable component is usb_p910 in /cgi-bin/adm.cgi. Manipulating the Pr_mode argument enables command injection, with remote access. Exploit disclosed publicly and vendor was contacted early. CVSS and related metrics exist across sources (includi...

7.2CVSS5.6AI score0.11166EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2023/06/23 10:15 a.m.3 views

CVE-2023-3380

A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible to launch the attack remotely. The exploit h...

9.8CVSS5.4AI score0.03606EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2023/06/22 11:15 a.m.5 views

CVE-2023-29708

An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows attackers to force a factory reset via crafted payload...

7.5CVSS7.1AI score0.13855EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2022/04/07 11:15 a.m.6 views

CVE-2022-23900

A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3.V5030.201204, allows an attacker to achieve unauthorized remote code execution via a malicious POST request through /cgi-bin/adm.cgi...

9.8CVSS7.9AI score0.03465EPSS
Exploits1References3
OSV
OSVadded 2022/04/07 11:15 a.m.2 views

CVE-2022-23900

A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3.V5030.201204, allows an attacker to achieve unauthorized remote code execution via a malicious POST request through /cgi-bin/adm.cgi...

9.8CVSS6.4AI score0.03465EPSS
Exploits1References2
Rows per page
Query Builder