CVE-2026-2529

Medium CVSS: 5.3

A security flaw has been discovered in Wavlink WL-WN579A3 up to 20210219. Affected by this issue is the function DeleteMac of the file /cgi-bin/wireless.cgi. The manipulation of the argument delete_list results in command injection. The attack can be executed remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Wavlink

Product

Wl-wn579a3 Firmware

CWE

CWE-74

Yayın Tarihi

2026-02-16 02:16:07

Güncelleme

2026-02-18 20:02:39

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Wl-wn579a3 Firmware MEDIUM Wavlink 2026

Referanslar

https://github.com/MRAdera/IoT-Vuls/blob/main/wavlink/wn579a3/DeleteMac.md https://vuldb.com/?ctiid.346117 https://vuldb.com/?id.346117 https://vuldb.com/?submit.748076

Benzer Kayıtlar

High

CVE-2026-5004

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub_4019FC of the file /cgi-bin…

Medium

CVE-2026-3716

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This vulnerability affects the function sub_401AD4 of the…

High

CVE-2026-3715

A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub_40139C of the file /cgi-bin/fire…

High

CVE-2026-3703

A flaw has been found in Wavlink NU516U1 251208. This affects the function sub_401A10 of the file /cgi-bin/login.cgi. Ex…

Medium

CVE-2026-3704

A vulnerability has been found in Wavlink NU516U1 251208. This vulnerability affects the function sub_405B2C of the file…

Medium

CVE-2026-3662

A vulnerability has been found in Wavlink WL-NU516U1 240425. This vulnerability affects the function usb_p910 of the fil…