CVE-2026-2548 | WAYOS FBM-220G 24.10.19 rc sub_40F820 upnp_waniface/upnp_ssdp_interval/upnp_max_age command injection

A vulnerability was found in WAYOS FBM-220G 24.10.19. It has been declared as critical. This affects the function sub_40F820 of the file rc. Executing a manipulation of the argument upnp_waniface/upnp_ssdp_interval/upnp_max_age can lead to command injection.

This vulnerability is handled as CVE-2026-2548. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More