14 matches found
CVE-2026-8190
A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...
CVE-2026-8190
A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...
CVE-2026-8190 Wavlink NU516U1 adm.cgi wan os command injection
A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...
CVE-2026-8190
A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...
EUVD-2026-28918
A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...
PT-2026-39401
A vulnerability was determined in Wavlink NU516U1 M16U1 V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument ppp username/ppp passwd/rwan ip/rwan mask/rwan gateway is directly passed by the attacker/so we can control the ppp...
CVE-2025-14208
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub415028 of the file /goform/setwansettings. The manipulation of the argument pppusername results in command injection. It is possible to launch the attack remotely. The exploit has been released to...
CVE-2025-14208
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub415028 of the file /goform/setwansettings. The manipulation of the argument pppusername results in command injection. It is possible to launch the attack remotely. The exploit has been released to...
CVE-2025-14208 D-Link DIR-823X set_wan_settings sub_415028 command injection
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub415028 of the file /goform/setwansettings. The manipulation of the argument pppusername results in command injection. It is possible to launch the attack remotely. The exploit has been released to...
CVE-2025-14208 D-Link DIR-823X set_wan_settings sub_415028 command injection
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub415028 of the file /goform/setwansettings. The manipulation of the argument pppusername results in command injection. It is possible to launch the attack remotely. The exploit has been released to...
CVE-2025-14208
CVE-2025-14208 affects D-Link DIR-823X devices up to 20250416. The vulnerability resides in the function sub_415028 of /goform/set_wan_settings, where manipulating the argument ppp_username leads to command injection. Exploitation can be performed remotely, and public proof-of-concept/exploit mat...
D-Link DIR-823X 命令注入漏洞
The D-Link DIR-823X is a wireless router from China-based AUO D-Link. A command injection vulnerability exists in the D-Link DIR-823X 20250416 and earlier versions, which stems from incorrect manipulation of the parameter pppusername in the file /goform/setwansettings, which can lead to command...
CVE-2022-35522
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: pppusername, ppppasswd, rwangateway, rwanmask and rwanip, which leads to command injection in page /wan.shtml...
PT-2022-22885 · Wavlink · Wavlink Wn533A8 +4
Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue is related to a lack of filtering on certain parameters in the adm.cgi file, specifically ppp username, ppp passwd, rwan gateway, rwan mas...