CVE-2026-2567

A vulnerability was detected in Wavlink WL-NU516U1 20251208. This vulnerability affects the function sub401218 of the file /cgi-bin/nas.cgi. Performing a manipulation of the argument User1Passwd results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now publi...

The vulnerability of the set_ftp_cfg() function in the nas.cgi script of the Wavlink AC3000 router’s microprogramming system allows a hacker to circumvent existing security restrictions.

The vulnerability of the setftpcfg function in the nas.cgi script of the Wavlink AC3000 WL-WN533A8 router’s microprogramming system is related to errors in system configuration or settings. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by sending...

The vulnerability of the add_dir() function in the nas.cgi script of the Wavlink AC3000 router’s microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the adddir function in the nas.cgi script of the Wavlink AC3000 WL-WN533A8 router’s microprogramming system is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sendi...