CVE-2026-41923 | Shenzhen Yipu WDR201A WiFi Extender up to 1.02 POST Parameter internet.cgi popen gateway os command injection

A vulnerability was found in Shenzhen Yipu WDR201A WiFi Extender up to 1.02. It has been declared as critical. The impacted element is the function popen of the file internet.cgi of the component POST Parameter Handler. The manipulation of the argument gateway results in os command injection.

This vulnerability was named CVE-2026-41923. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More