CVE-2026-8228

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlanconf/Channel/skiplist/ieee80211h leads to os command injection. The attack may be launched remotely. The exploit has been...

CVE-2026-4163

A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit...

WAVLINK WL-WN579A3 命令注入漏洞

WAVLINK WL-WN579A3 is a high-performance dual-band wireless network card developed by WAVLINK Corporation. The WAVLINK WL-WN579A3 220323 version has a command injection vulnerability. This vulnerability arises from improper handling of parameters for the function setName/GuestWifi in the...

CVE-2026-2530

A weakness has been identified in Wavlink WL-WN579A3 up to 20210219. This affects the function AddMac of the file /cgi-bin/wireless.cgi. This manipulation of the argument macAddr causes command injection. The attack is possible to be carried out remotely. The exploit has been made available to th...

EUVD-2026-6135

A vulnerability was found in Wavlink WL-WN579A3 up to 20210219. This impacts the function multissid of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument SSID2G2 results in command injection. The attack may be initiated remotely. The exploit has been made public and could b...

CVE-2026-2526

A vulnerability was found in Wavlink WL-WN579A3 up to 20210219. This impacts the function multissid of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument SSID2G2 results in command injection. The attack may be initiated remotely. The exploit has been made public and could b...

WAVLINK WL-WN579A3 命令注入漏洞

WAVLINK WL-WN579A3 is a high-performance dual-band wireless network card developed by WAVLINK Corporation. The WAVLINK WL-WN579A3 versions 20210219 and earlier has a command injection vulnerability. This vulnerability stems from incorrect operations with the parameter “macAddr” in the function...

CVE-2025-56093

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wireless.lua...

EUVD-2025-25198

Malicious code in bioql PyPI...

EUVD-2025-31148

Malicious code in bioql PyPI...

CVE-2025-10359 Wavlink WL-WN578W2 wireless.cgi sub_404DBC os command injection

A vulnerability was detected in Wavlink WL-WN578W2 221110. This impacts the function sub404DBC of the file /cgi-bin/wireless.cgi. The manipulation of the argument macAddr results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor wa...

CVE-2025-9149 Wavlink WL-NU516U1 wireless.cgi sub_4032E4 command injection

A vulnerability was determined in Wavlink WL-NU516U1 M16U1V240425. This impacts the function sub4032E4 of the file /cgi-bin/wireless.cgi. This manipulation of the argument Guestssid causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

PT-2025-33820 · Wavlink · Wavlink Wl-Nu516U1

Name of the Vulnerable Software and Affected Versions: Wavlink WL-NU516U1 M16U1 V240425 Description: A vulnerability exists due to command injection. The issue is located in the /cgi-bin/wireless.cgi file and impacts the sub 4032E4 function. Manipulation of the Guest ssid argument can lead to...

The vulnerability in the wireless.cgi script of Netgear XR300 router software allows a hacker to induce a service failure.

The vulnerability in the wireless.cgi script of Netgear XR300 router software lies in the copying of buffers without checking the size of the input data during the processing of the passphrase parameter. Exploiting this vulnerability allows a malicious actor to trigger a service failure through a...

The vulnerability in the bridge_wireless_main.cgi script of the Netgear XR300 router’s software allows a hacker to induce a service failure.

The vulnerability in the bridgewirelessmain.cgi script of the Netgear XR300 router software lies in the copying of buffers without checking the size of the input data during the processing of the passphrase parameter. Exploiting this vulnerability allows a malicious actor to cause a service failu...