4 matches found
CVE-2026-13539
The CVE concerns Wavlink WL-NU516U1-A M16U1_V240425. The vulnerable component is the POST Parameter Handler in /cgi-bin/wireless.cgi, specifically function sub_407504, where manipulation of Guest_ssid causes a stack-based buffer overflow. This can be triggered remotely; exploitation is publicly a...
CVE-2026-8229
A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection. Remote exploitation of the attack is possible. The exploit is...
CVE-2025-10358
A security vulnerability has been detected in Wavlink WL-WN578W2 221110. This affects the function sub404850 of the file /cgi-bin/wireless.cgi. The manipulation of the argument deletelist leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly...
CVE-2025-10359
A vulnerability was detected in Wavlink WL-WN578W2 221110. This impacts the function sub404DBC of the file /cgi-bin/wireless.cgi. The manipulation of the argument macAddr results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor wa...