WAVLINK WN551K1 found a command injection vulnerability through the start_hour parameter of /cgi-bin/nightled.cgi.
[
{
"cpes": [
"cpe:2.3:o:wavlink:wn551k1_firmware:20210427:*:*:*:*:*:*:*"
],
"vendor": "wavlink",
"product": "wn551k1_firmware",
"versions": [
{
"status": "affected",
"version": "20210427"
}
],
"defaultStatus": "unknown"
}
]