Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/03/08 7:46 p.m.5 views

CVE-2026-3661

A flaw has been found in Wavlink WL-NU516U1 240425. This affects the function otanewupgrade of the file /cgi-bin/adm.cgi. This manipulation of the argument model causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor wa...

7.2CVSS5.6AI score0.10863EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/07 3:30 p.m.5 views

EUVD-2026-10141

A flaw has been found in Wavlink WL-NU516U1 240425. This affects the function otanewupgrade of the file /cgi-bin/adm.cgi. This manipulation of the argument model causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor wa...

5.8CVSS5.6AI score0.10863EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/07 1:32 p.m.3 views

CVE-2026-3661 Wavlink WL-NU516U1 adm.cgi ota_new_upgrade command injection

A flaw has been found in Wavlink WL-NU516U1 240425. This affects the function otanewupgrade of the file /cgi-bin/adm.cgi. This manipulation of the argument model causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor wa...

5.8CVSS5.6AI score0.10863EPSS
Exploits1References4
CVE
CVE
added 2026/03/07 1:32 p.m.24 views

CVE-2026-3661

CVE-2026-3661 affects Wavlink WL-NU516U1 (firmware 240425). The flaw is in the OTA upgrade process: the function ota_new_upgrade in /cgi-bin/adm.cgi can be manipulated via the argument model to achieve command injection. Exploitation is possible remotely, and public exploits have been published. ...

7.2CVSS5.6AI score0.10863EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/07 1:44 a.m.6 views

CVE-2026-3612

A vulnerability was determined in Wavlink WL-NU516U1 V240425. This affects the function sub405AF4 of the file /cgi-bin/adm.cgi of the component OTA Online Upgrade. This manipulation of the argument firmwareurl causes command injection. It is possible to initiate the attack remotely. The exploit h...

8.6CVSS6.9AI score0.0946EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/07 12:0 a.m.10 views

PT-2026-23855

A flaw has been found in Wavlink WL-NU516U1 240425. This affects the function ota new upgrade of the file /cgi-bin/adm.cgi. This manipulation of the argument model causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor...

5.8CVSS5.6AI score0.10863EPSS
Exploits1References5
OSV
OSV
added 2026/03/06 1:15 a.m.6 views

CVE-2026-3612

A vulnerability was determined in Wavlink WL-NU516U1 V240425. This affects the function sub405AF4 of the file /cgi-bin/adm.cgi of the component OTA Online Upgrade. This manipulation of the argument firmwareurl causes command injection. It is possible to initiate the attack remotely. The exploit h...

7.2CVSS5.6AI score0.0946EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/06 12:32 a.m.4 views

CVE-2026-3612 Wavlink WL-NU516U1 OTA Online Upgrade adm.cgi sub_405AF4 command injection

A vulnerability was determined in Wavlink WL-NU516U1 V240425. This affects the function sub405AF4 of the file /cgi-bin/adm.cgi of the component OTA Online Upgrade. This manipulation of the argument firmwareurl causes command injection. It is possible to initiate the attack remotely. The exploit h...

8.6CVSS5.6AI score0.0946EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/06 12:32 a.m.34 views

CVE-2026-3612 Wavlink WL-NU516U1 OTA Online Upgrade adm.cgi sub_405AF4 command injection

A vulnerability was determined in Wavlink WL-NU516U1 V240425. This affects the function sub405AF4 of the file /cgi-bin/adm.cgi of the component OTA Online Upgrade. This manipulation of the argument firmwareurl causes command injection. It is possible to initiate the attack remotely. The exploit h...

8.6CVSS0.0946EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/10 9:31 p.m.4 views

EUVD-2025-202622

An unauthenticated attacker within proximity of the Meatmeet device can perform an unauthorized Over The Air OTA firmware upgrade using Bluetooth Low Energy BLE, resulting in the firmware on the device being overwritten with the attacker's code. As the device does not perform checks on upgrades,...

7AI score0.00493EPSS
Exploits1References3
myhack58
myhack58
added 2014/12/19 12:0 a.m.26 views

Cool was traced to the presence of a backdoor threat to millions of users information security-vulnerability warning-the black bar safety net

Recently, security research firm PaloAlto Networks found that the domestic mobile phone manufacturers coolpad Android phone install the one named“CoolReaper”a backdoor program that may be related to more than 1, 0 0 0 million users of information security. ! Kupa was traced to the presence of a...

3AI score
Exploits0
Rows per page
Query Builder