CVE-2025-10359 | Wavlink WL-WN578W2 221110 /cgi-bin/wireless.cgi sub_404DBC macAddr os command injection

A vulnerability categorized as critical has been discovered in Wavlink WL-WN578W2 221110. This impacts the function sub_404DBC of the file /cgi-bin/wireless.cgi. The manipulation of the argument macAddr results in os command injection.

This vulnerability is reported as CVE-2025-10359. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More