CVE-2026-8228

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlanconf/Channel/skiplist/ieee80211h leads to os command injection. The attack may be launched remotely. The exploit has been...

CVE-2026-4163

A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit...

WAVLINK WL-WN579A3 命令注入漏洞

WAVLINK WL-WN579A3 is a high-performance dual-band wireless network card developed by WAVLINK Corporation. The WAVLINK WL-WN579A3 220323 version has a command injection vulnerability. This vulnerability arises from improper handling of parameters for the function setName/GuestWifi in the...

CVE-2026-2530

A weakness has been identified in Wavlink WL-WN579A3 up to 20210219. This affects the function AddMac of the file /cgi-bin/wireless.cgi. This manipulation of the argument macAddr causes command injection. The attack is possible to be carried out remotely. The exploit has been made available to th...

EUVD-2026-6135

A vulnerability was found in Wavlink WL-WN579A3 up to 20210219. This impacts the function multissid of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument SSID2G2 results in command injection. The attack may be initiated remotely. The exploit has been made public and could b...

CVE-2026-2526

A vulnerability was found in Wavlink WL-WN579A3 up to 20210219. This impacts the function multissid of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument SSID2G2 results in command injection. The attack may be initiated remotely. The exploit has been made public and could b...

WAVLINK WL-WN579A3 命令注入漏洞

WAVLINK WL-WN579A3 is a high-performance dual-band wireless network card developed by WAVLINK Corporation. The WAVLINK WL-WN579A3 versions 20210219 and earlier has a command injection vulnerability. This vulnerability stems from incorrect operations with the parameter “macAddr” in the function...

CVE-2025-56093

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wireless.lua...

EUVD-2025-25198

Malicious code in bioql PyPI...

EUVD-2025-31148

Malicious code in bioql PyPI...

CVE-2025-10359 Wavlink WL-WN578W2 wireless.cgi sub_404DBC os command injection

A vulnerability was detected in Wavlink WL-WN578W2 221110. This impacts the function sub404DBC of the file /cgi-bin/wireless.cgi. The manipulation of the argument macAddr results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor wa...

CVE-2025-9149 Wavlink WL-NU516U1 wireless.cgi sub_4032E4 command injection

A vulnerability was determined in Wavlink WL-NU516U1 M16U1V240425. This impacts the function sub4032E4 of the file /cgi-bin/wireless.cgi. This manipulation of the argument Guestssid causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

PT-2025-33820 · Wavlink · Wavlink Wl-Nu516U1

Name of the Vulnerable Software and Affected Versions: Wavlink WL-NU516U1 M16U1 V240425 Description: A vulnerability exists due to command injection. The issue is located in the /cgi-bin/wireless.cgi file and impacts the sub 4032E4 function. Manipulation of the Guest ssid argument can lead to...