CVE-2025-10964

A weakness has been identified in Wavlink NU516U1. Affected by this vulnerability is the function sub401B30 of the file /cgi-bin/firewall.cgi. This manipulation of the argument remoteManagementEnabled causes command injection. The attack can be initiated remotely. The exploit has been made...

CVE-2025-10964 Wavlink NU516U1 firewall.cgi sub_401B30 command injection

A weakness has been identified in Wavlink NU516U1. Affected by this vulnerability is the function sub401B30 of the file /cgi-bin/firewall.cgi. This manipulation of the argument remoteManagementEnabled causes command injection. The attack can be initiated remotely. The exploit has been made...

PT-2025-39442

Name of the Vulnerable Software and Affected Versions Wavlink NU516U1 affected versions not specified Description A flaw exists in the Wavlink NU516U1 device. The issue is related to the manipulation of the remoteManagementEnabled argument within the sub 401B30 function of the /cgi-bin/firewall.c...

CVE-2023-1874

The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiplerolesupdate function. This makes it possible for authenticated attackers, with minimal permissions such as a...

CVE-2019-7475

A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8...

SonicOS Unprivileged User Access ARS

A vulnerability in SonicOS with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8,...