CVE-2026-6559 | Wavlink WL-WN579A3 220323 /cgi-bin/login.cgi sub_401F80 Hostname cross site scripting

A vulnerability was found in Wavlink WL-WN579A3 220323. It has been classified as problematic. This affects the function sub_401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting.

This vulnerability is registered as CVE-2026-6559. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is recommended.

The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.VulDB Recent EntriesRead More