CVE-2026-7691

A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. Impacted is the function setsyscmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument command leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed...

EUVD-2026-26830

A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. Impacted is the function setsyscmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument command leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed...

PT-2025-35570

Name of the Vulnerable Software and Affected Versions: Wavlink WN535K3 version 20191010 Description: The Wavlink WN535K3 router contains a command injection vulnerability in the set sys cmd function through the command parameter. This allows attackers to execute arbitrary commands via a crafted...

CVE-2025-50755

The CVE-2025-50755 entry concerns the Wavlink WN535K3 router (firmware version 20191010). A command injection flaw exists in the set_sys_cmd function via the command parameter, enabling attackers to execute arbitrary commands through a crafted request. The issue is treated across multiple feeds (...

VulnCheck KEV: CVE-2016-11021

setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command...