Lucene search
K

10 matches found

Vulnrichment
Vulnrichment
added 2026/03/22 9:58 a.m.3 views

CVE-2026-4544 Wavlink WL-WN578W2 POST Request login.cgi cross site scripting

A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unknown function of the file /cgi-bin/login.cgi of the component POST Request Handler. Executing a manipulation of the argument homepage/hostname/loginpage can lead to cross site scripting. It is possible to launch the...

4.8CVSS4.1AI score0.0026EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/03/15 3:2 a.m.32 views

CVE-2026-4164 Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

10CVSS0.02057EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/09/14 7:20 p.m.8 views

CVE-2025-10323

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is the function sub409184 of the file /wizardrep.shtml. The manipulation of the argument selEncrypTyp results in command injection. The attack may be performed from remote. The exploit has been made public and could be...

9.8CVSS7.2AI score0.08082EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/14 6:29 p.m.7 views

CVE-2025-10321

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is an unknown function of the file /liveonline.shtml. Executing manipulation can lead to information disclosure. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about...

6.9CVSS5.1AI score0.0049EPSS
Exploits1References1
OSV
OSV
added 2025/09/13 1:15 p.m.4 views

CVE-2025-10359

A vulnerability was detected in Wavlink WL-WN578W2 221110. This impacts the function sub404DBC of the file /cgi-bin/wireless.cgi. The manipulation of the argument macAddr results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor wa...

9.8CVSS5.6AI score0.06072EPSS
Exploits1References5
NVD
NVD
added 2025/09/13 8:15 a.m.4 views

CVE-2025-10358

A security vulnerability has been detected in Wavlink WL-WN578W2 221110. This affects the function sub404850 of the file /cgi-bin/wireless.cgi. The manipulation of the argument deletelist leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly...

9.8CVSS0.06072EPSS
Exploits1References5
OSV
OSV
added 2025/09/12 8:15 p.m.5 views

CVE-2025-10325

A vulnerability was identified in Wavlink WL-WN578W2 221110. This impacts the function sub401340/sub401BA4 of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr leads to command injection. It is possible to launch the attack remotely. The exploit is publicly available and might...

8.8CVSS5.6AI score0.06789EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/12 8:2 p.m.7 views

CVE-2025-10325 Wavlink WL-WN578W2 login.cgi sub_401BA4 command injection

A vulnerability was identified in Wavlink WL-WN578W2 221110. This impacts the function sub401340/sub401BA4 of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr leads to command injection. It is possible to launch the attack remotely. The exploit is publicly available and might...

6.5CVSS0.06789EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/12 7:32 p.m.8 views

CVE-2025-10324 Wavlink WL-WN578W2 firewall.cgi sub_401C5C command injection

A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects the function sub401C5C of the file firewall.cgi. This manipulation of the argument pingFrmWANFilterEnabled/blockSynFloodEnabled/blockPortScanEnabled/remoteManagementEnabled causes command injection. It is possible to initia...

7.5CVSS0.08082EPSS
Exploits1References4
CVE
CVE
added 2025/09/12 6:2 p.m.15 views

CVE-2025-10322

The CVE-2025-10322 entry concerns Wavlink WL-WN578W2 (firmware 221110). A flaw in /sysinit.html allows manipulation of the newpass/confpass parameter due to improper privilege handling, enabling weak password recovery. Exploitation is described as remote and publicly disclosed, with PoC activity ...

6.9CVSS5.5AI score0.00439EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder