Lucene search
+L

489 matches found

EUVD
EUVD
added 2026/05/03 9:45 a.m.15 views

EUVD-2026-26829

A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...

6.5CVSS6.4AI score0.04971EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/03 12:0 a.m.12 views

PT-2026-36695

Name of the Vulnerable Software and Affected Versions Wavlink WL-WN570HA1 version R70HA1 V1410 221110 Description A command injection issue exists in the set sys cmd function within the '/cgi-bin/adm.cgi' endpoint. This flaw allows a remote attacker to execute arbitrary commands by manipulating t...

6.5CVSS6.8AI score0.03191EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2026/04/20 7:23 p.m.8 views

CVE-2026-6559

A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended...

5.3CVSS4.5AI score0.00265EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/19 6:31 a.m.6 views

EUVD-2026-23682

A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended...

5.3CVSS4.5AI score0.00265EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/19 5:15 a.m.8 views

CVE-2026-6559

A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended...

5.3CVSS4.5AI score0.00265EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/04/19 5:15 a.m.38 views

CVE-2026-6559 Wavlink WL-WN579A3 login.cgi sub_401F80 cross site scripting

A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended...

5.3CVSS0.00265EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/19 12:0 a.m.13 views

PT-2026-33617

A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub 401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended...

5.3CVSS4.5AI score0.00265EPSS
Exploits0References6
CVE
CVE
added 2026/04/17 10:30 a.m.20 views

CVE-2026-6483

CVE-2026-6483 affects Wavlink WL-WN530H4 (firmware 20220721). The flaw is in the strcat/snprintf usage in /cgi-bin/internet.cgi, enabling remote, unauthenticated command injection with high impact (confidentiality, integrity, availability). Exploitation is feasible over the network; public exploi...

8.6CVSS6.7AI score0.14131EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/17 10:30 a.m.5 views

CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

8.6CVSS6.7AI score0.14131EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/17 10:30 a.m.165 views

CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

8.6CVSS0.14131EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.13 views

WAVLINK WL-WN530H4 安全漏洞

The WAVLINK WL-WN530H4 is a high-performance USB wireless network card from the WAVLINK company. It supports 802.11ac dual-band Wi-Fi. The Wavlink WL-WN530H4 version 20220721 has a security vulnerability. This vulnerability stems from the use of os command injection in the function strcat/snprint...

8.6CVSS7.1AI score0.14131EPSS
Exploits0References1
OSV
OSV
added 2026/04/14 12:58 p.m.7 views

JLSEC-2026-97

An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large number of wlshm buffer objects, or if it...

6.6CVSS7AI score0.00297EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.12 views

Tenda i12 安全漏洞

The Tenda i12 is a ceiling-mounted wireless access point produced by the Chinese company Tenda. Version 1.0.0.113862 of the Tenda i12 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters index and wlradio, which may lead to a stack buffer overflow atta...

9CVSS7.5AI score0.00632EPSS
Exploits1References5
NVD
NVD
added 2026/04/03 2:16 p.m.4 views

CVE-2026-23420

In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...

5.5CVSS0.00091EPSS
Exploits0References8
EUVD
EUVD
added 2026/04/02 6:31 p.m.9 views

EUVD-2026-18362

A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function addwpsclient of the file /setup.cgi. This manipulation of the argument wlenroleepin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and coul...

6.5CVSS6.4AI score0.04457EPSS
Exploits1References5
NVD
NVD
added 2026/04/02 4:16 p.m.10 views

CVE-2026-5351

A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function addwpsclient of the file /setup.cgi. This manipulation of the argument wlenroleepin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and coul...

8.8CVSS0.04457EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/29 11:3 p.m.5 views

CVE-2026-5004

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS6.4AI score0.00687EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/28 6:30 p.m.6 views

EUVD-2026-16937

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS7.7AI score0.00687EPSS
Exploits1References5
NVD
NVD
added 2026/03/28 6:15 p.m.2 views

CVE-2026-5004

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS0.00687EPSS
Exploits1References4
CVE
CVE
added 2026/03/28 5:30 p.m.12 views

CVE-2026-5004

CVE-2026-5004 affects Wavlink WL-WN579X3-C (firmware 231124). The issue is a stack-based overflow in the UPNP Handler’s function sub_4019FC (/cgi-bin/firewall.cgi) triggered by manipulating the UpnpEnabled argument. Exploitation can be remote, and public PoC details exist. Vendor has not provided...

9CVSS7.7AI score0.00687EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder