CVE-2026-2528 | Wavlink WL-WN579A3 up to 20210219 /cgi-bin/wireless.cgi Delete_Mac_list delete_list command injection

A vulnerability was found in Wavlink WL-WN579A3 up to 20210219. It has been rated as critical. Affected by this vulnerability is the function Delete_Mac_list of the file /cgi-bin/wireless.cgi. The manipulation of the argument delete_list leads to command injection.

This vulnerability is referenced as CVE-2026-2528. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More