CVE-2026-4544

A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unknown function of the file /cgi-bin/login.cgi of the component POST Request Handler. Executing a manipulation of the argument homepage/hostname/loginpage can lead to cross site scripting. It is possible to launch the...

EUVD-2026-14297

A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unknown function of the file /cgi-bin/login.cgi of the component POST Request Handler. Executing a manipulation of the argument homepage/hostname/loginpage can lead to cross site scripting. It is possible to launch the...

CVE-2026-4543

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is an unknown function of the file /cgi-bin/firewall.cgi of the component POST Request Handler. Performing a manipulation of the argument dmzflag/delflag results in command injection. It is possible to initiate the attac...

CVE-2026-4544

A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unknown function of the file /cgi-bin/login.cgi of the component POST Request Handler. Executing a manipulation of the argument homepage/hostname/loginpage can lead to cross site scripting. It is possible to launch the...

CVE-2026-4544

CVE-2026-4544 affects Wavlink WL-WN578W2 221110. The vulnerability is in the POST Request Handler’s /cgi-bin/login.cgi, where manipulating the argument homepage/hostname/login_page can trigger cross-site scripting. Exploitation is possible remotely, and public exploit activity is indicated. No ve...

CVE-2026-4543

CVE-2026-4543 affects Wavlink WL-WN578W2 (model 221110). The vulnerability resides in the POST Request Handler within /cgi-bin/firewall.cgi. The root cause is a manipulation of the arguments dmz_flag and del_flag, enabling command injection. It can be triggered remotely, and exploitation details ...

CVE-2026-4543 Wavlink WL-WN578W2 POST Request firewall.cgi command injection

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is an unknown function of the file /cgi-bin/firewall.cgi of the component POST Request Handler. Performing a manipulation of the argument dmzflag/delflag results in command injection. It is possible to initiate the attac...

CVE-2026-4543

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is an unknown function of the file /cgi-bin/firewall.cgi of the component POST Request Handler. Performing a manipulation of the argument dmzflag/delflag results in command injection. It is possible to initiate the attac...

CVE-2026-4543 Wavlink WL-WN578W2 POST Request firewall.cgi command injection

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is an unknown function of the file /cgi-bin/firewall.cgi of the component POST Request Handler. Performing a manipulation of the argument dmzflag/delflag results in command injection. It is possible to initiate the attac...

PT-2026-26975

A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unknown function of the file /cgi-bin/login.cgi of the component POST Request Handler. Executing a manipulation of the argument homepage/hostname/login page can lead to cross site scripting. It is possible to launch the...

PT-2026-26974

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is an unknown function of the file /cgi-bin/firewall.cgi of the component POST Request Handler. Performing a manipulation of the argument dmz flag/del flag results in command injection. It is possible to initiate the...

Wavlink WL-WN578W2 代码注入漏洞

Wavlink WL-WN578W2 is a wireless repeater produced by Wavlink Corporation. The Wavlink WL-WN578W2 version 221110 contains a code injection vulnerability. This vulnerability stems from incorrect handling of parameters such as homepage/hostname/loginpage in the POST request processing component,...

CVE-2026-4164

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

Wavlink WL-WN578W2 命令注入漏洞

Wavlink WL-WN578W2 is a wireless repeater produced by Wavlink Corporation. The Wavlink WL-WN578W2 version 221110 contains a command injection vulnerability. This vulnerability arises from improper handling of parameters for the functions DeleteMaclist/SetName/GuestWifi in the...

Exploit for CVE-2026-3165

CVE INDEX Wavlink WL-WN578W2 vul1vul8 Wavlink...

EUVD-2025-29091

Malicious code in bioql PyPI...

EUVD-2025-29074

Malicious code in bioql PyPI...

EUVD-2025-29067

Malicious code in bioql PyPI...

Wavlink WL-WN578W2 sub_401C5C function command injection vulnerability

The Wavlink WL-WN578W2 is a wireless repeater from China's Wavlink. Wavlink WL-WN578W2 221110 version exists a command injection vulnerability, the vulnerability stems from the parameter pingFrmWANFilterEnabled/blockSynFloodEnabled/blockPortScanEnabled/remoteManagementEnabled of the function...

Wavlink WL-WN578W2 sub_401340 function command injection vulnerability

The Wavlink WL-WN578W2 is a wireless repeater from China's Wavlink. A command injection vulnerability exists in Wavlink WL-WN578W2 version 221110, which originates from the parameter ipaddr in the sub401340 function of the file /cgi-bin/login.cgi that fails to correctly filter the constructor...