CVE-2025-50757

Medium CVSS: 6.5

Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the set_sys_adm function via the username parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

Vendor

Wavlink

Product

Wl-wn535k3 Firmware

CWE

CWE-77

Yayın Tarihi

2025-09-02 15:15:32

Güncelleme

2025-09-04 17:47:15

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-77 Wl-wn535k3 Firmware MEDIUM Wavlink 2025

Referanslar

https://github.com/Summermu/VulnForIoT/tree/main/Wavlink_WN535K3/set_sys_adm_username/readme.md

Benzer Kayıtlar

High

CVE-2026-5004

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub_4019FC of the file /cgi-bin…

Medium

CVE-2026-3716

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This vulnerability affects the function sub_401AD4 of the…

High

CVE-2026-3715

A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub_40139C of the file /cgi-bin/fire…

High

CVE-2026-3703

A flaw has been found in Wavlink NU516U1 251208. This affects the function sub_401A10 of the file /cgi-bin/login.cgi. Ex…

Medium

CVE-2026-3704

A vulnerability has been found in Wavlink NU516U1 251208. This vulnerability affects the function sub_405B2C of the file…

Medium

CVE-2026-3662

A vulnerability has been found in Wavlink WL-NU516U1 240425. This vulnerability affects the function usb_p910 of the fil…