CVE-2026-13539 | Wavlink WL-NU516U1-A M16U1_V240425 POST Parameter /cgi-bin/wireless.cgi sub_407504 Guest_ssid stack-based overflow
A vulnerability was found in Wavlink WL-NU516U1-A M16U1_V240425 and classified as critical. The impacted element is the function sub_407504 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. Such manipulation of the argument Guest_ssid leads to stack-based buffer overflow.
This vulnerability is documented as CVE-2026-13539. The attack can be executed remotely. Additionally, an exploit exists.
It is suggested to upgrade the affected component.
The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.VulDB Recent EntriesRead More