Lucene search
+L

489 matches found

Nuclei
Nuclei
added yesterday58 views

Wavlink WL-WN533A8 M33A8.V5030.190716 - Information Disclosure

An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials. id: CVE-2022-48164 info: name: Wavlink WL-WN533A8 M33A8.V5030.190716 - Information...

7.5CVSS7.3AI score0.03096EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday28 views

WAVLINK Quantum D4G (WL-WN531G3) - Information Disclosure

WAVLINK Quantum D4G WL-WN531G3 running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated attackers to download configuration data and log files. id: CVE-2022-44356 info: name: WAVLINK Quantum D4G WL-WN531G3 - Information Disclosur...

7.5CVSS7.3AI score0.02756EPSS
Exploits1References2
EUVD
EUVD
added 5 days ago15 views

EUVD-2026-43254

A security flaw has been discovered in Wavlink WL-NU516U1 260515. This affects the function wlinkucisetvalue of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument lanip results in os command injection. The attack can be initiated remotely. The exploit has been released to the...

6.5CVSS6.5AI score0.01422EPSS
Exploits0References7
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-15513 Wavlink WL-NU516U1 adm.cgi wlink_uci_set_value os command injection

A security flaw has been discovered in Wavlink WL-NU516U1 260515. This affects the function wlinkucisetvalue of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument lanip results in os command injection. The attack can be initiated remotely. The exploit has been released to the...

6.5CVSS0.01422EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/29 5:15 a.m.12 views

CVE-2026-13538

A vulnerability was determined in Wavlink WL-NU516U1-A M16U1V240425. The affected element is the function sub401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This manipulation of the argument SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 causes command injection. Remote...

6.5CVSS6.4AI score0.01306EPSS
Exploits0References10
OSV
OSV
added 2026/06/27 12:1 a.m.3 views

RLSA-2023:2786 Moderate: wayland security, bug fix, and enhancement update

Wayland is a protocol for a compositor to talk to its clients, as well as a C library implementation of that protocol. The compositor can be a standalone display server running on Linux kernel modesetting and evdev input devices, an X application, or a wayland client itself. The clients can be...

6.6CVSS6.8AI score0.00297EPSS
Exploits1References2
NVD
NVD
added 2026/06/09 7:17 p.m.12 views

CVE-2026-36771

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain a stack overflow in the wlradio parameter of the formwrlSSIDset function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS0.00329EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.10 views

CVE-2026-36772

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain a stack overflow in the wlradio parameter of the formwrlSSIDget function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

5.5AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-48177

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain a stack overflow in the wl radio parameter of the formwrlSSIDget function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

5.5AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.30 views

PT-2026-48176

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain a stack overflow in the wl radio parameter of the formwrlSSIDset function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

5.5AI score0.00329EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.10 views

CVE-2026-36792

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain a stack overflow in the wlradio parameter of the formWifiRadioSet function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.5AI score0.00397EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 12:0 a.m.22 views

CVE-2026-36772

CVE-2026-36772 affects the Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204). The vulnerability is a stack overflow in the wl_radio parameter of the formwrlSSIDget function, leading to Denial of Service. This is the reported root cause and affected component. No patch/ver...

6.5CVSS5.5AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.11 views

CVE-2026-6483

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

8.6CVSS6.7AI score0.14131EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/09 9:32 p.m.17 views

EUVD-2026-28920

A security flaw has been discovered in Wavlink NU516U1 M16U1V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wlPass is directly passed by the attacker/so we can control the EncrypType/wlPass results in os...

6.5CVSS5.6AI score0.04844EPSS
Exploits1References5
NVD
NVD
added 2026/05/09 7:16 p.m.25 views

CVE-2026-8192

A security flaw has been discovered in Wavlink NU516U1 M16U1V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wlPass is directly passed by the attacker/so we can control the EncrypType/wlPass results in os...

8.8CVSS0.04844EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/09 3:15 p.m.7 views

CVE-2026-8188 Wavlink NU516U1 adm.cgi change_wifi_password os command injection

A vulnerability has been found in Wavlink NU516U1 M16U1V240425. Affected is the function changewifipassword of the file /cgi-bin/adm.cgi. The manipulation of the argument wlchannel/wlPass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit has bee...

6.5CVSS6.3AI score0.05454EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.7 views

CVE-2026-7692

A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. The affected element is the function pingddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument DDNS results in command injection. The attack can be initiated remotely. The exploit is now public and may ...

6.5CVSS6.4AI score0.03191EPSS
Exploits1References1
NVD
NVD
added 2026/05/03 10:16 a.m.25 views

CVE-2026-7690

A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...

9.8CVSS0.04971EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/03 10:15 a.m.7 views

CVE-2026-7691

A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. Impacted is the function setsyscmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument command leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed...

6.5CVSS5.7AI score0.03191EPSS
Exploits1References4
CVE
CVE
added 2026/05/03 9:45 a.m.46 views

CVE-2026-7690

CVE-2026-7690 affects Wavlink WL-WN570HA1 devices (firmware R70HA1 V1410_221110). The vulnerability is in /cgi-bin/adm.cgi set_sys_adm and arises from manipulating the Username parameter to cause remote command injection. Impact is remote, with public exploit availability noted in the source desc...

9.8CVSS5.7AI score0.04971EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder