CVE-2025-44868

Critical CVSS: 9.8

Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the ping_test function of the adm.cgi via the pingIp parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

Vendor

Wavlink

Product

Wl-wn530h4 Firmware

CWE

CWE-77

Yayın Tarihi

2025-05-02 15:15:49

Güncelleme

2025-06-13 13:04:52

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-77 Wl-wn530h4 Firmware CRITICAL Wavlink 2025

Referanslar

https://github.com/Summermu/VulnForIoT/tree/main/Wavlink_WL-WN530H4/ping_test/readme.md https://github.com/Summermu/VulnForIoT/blob/main/Wavlink_WL-WN530H4/ping_test/readme.md

Benzer Kayıtlar

High

CVE-2026-5004

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub_4019FC of the file /cgi-bin…

Medium

CVE-2026-3716

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This vulnerability affects the function sub_401AD4 of the…

High

CVE-2026-3715

A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub_40139C of the file /cgi-bin/fire…

High

CVE-2026-3703

A flaw has been found in Wavlink NU516U1 251208. This affects the function sub_401A10 of the file /cgi-bin/login.cgi. Ex…

Medium

CVE-2026-3704

A vulnerability has been found in Wavlink NU516U1 251208. This vulnerability affects the function sub_405B2C of the file…

Medium

CVE-2026-3662

A vulnerability has been found in Wavlink WL-NU516U1 240425. This vulnerability affects the function usb_p910 of the fil…