489 matches found
EUVD-2026-26829
A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...
PT-2026-36695
Name of the Vulnerable Software and Affected Versions Wavlink WL-WN570HA1 version R70HA1 V1410 221110 Description A command injection issue exists in the set sys cmd function within the '/cgi-bin/adm.cgi' endpoint. This flaw allows a remote attacker to execute arbitrary commands by manipulating t...
CVE-2026-6559
A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended...
EUVD-2026-23682
A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended...
CVE-2026-6559
A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended...
CVE-2026-6559 Wavlink WL-WN579A3 login.cgi sub_401F80 cross site scripting
A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended...
PT-2026-33617
A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub 401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended...
CVE-2026-6483
CVE-2026-6483 affects Wavlink WL-WN530H4 (firmware 20220721). The flaw is in the strcat/snprintf usage in /cgi-bin/internet.cgi, enabling remote, unauthenticated command injection with high impact (confidentiality, integrity, availability). Exploitation is feasible over the network; public exploi...
CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection
A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...
CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection
A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...
WAVLINK WL-WN530H4 安全漏洞
The WAVLINK WL-WN530H4 is a high-performance USB wireless network card from the WAVLINK company. It supports 802.11ac dual-band Wi-Fi. The Wavlink WL-WN530H4 version 20220721 has a security vulnerability. This vulnerability stems from the use of os command injection in the function strcat/snprint...
JLSEC-2026-97
An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large number of wlshm buffer objects, or if it...
Tenda i12 安全漏洞
The Tenda i12 is a ceiling-mounted wireless access point produced by the Chinese company Tenda. Version 1.0.0.113862 of the Tenda i12 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters index and wlradio, which may lead to a stack buffer overflow atta...
CVE-2026-23420
In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...
EUVD-2026-18362
A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function addwpsclient of the file /setup.cgi. This manipulation of the argument wlenroleepin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and coul...
CVE-2026-5351
A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function addwpsclient of the file /setup.cgi. This manipulation of the argument wlenroleepin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and coul...
CVE-2026-5004
A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack...
EUVD-2026-16937
A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack...
CVE-2026-5004
A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack...
CVE-2026-5004
CVE-2026-5004 affects Wavlink WL-WN579X3-C (firmware 231124). The issue is a stack-based overflow in the UPNP Handler’s function sub_4019FC (/cgi-bin/firewall.cgi) triggered by manipulating the UpnpEnabled argument. Exploitation can be remote, and public PoC details exist. Vendor has not provided...