CVE-2026-2527 | Wavlink WL-WN579A3 up to 20210219 /cgi-bin/login.cgi key command injection

A vulnerability was found in Wavlink WL-WN579A3 up to 20210219. It has been declared as critical. Affected is an unknown function of the file /cgi-bin/login.cgi. Executing a manipulation of the argument key can lead to command injection.

The identification of this vulnerability is CVE-2026-2527. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More