CVE-2026-7692 | Wavlink WL-WN570HA1 R70HA1 V1410_221110 /cgi-bin/adm.cgi ping_ddns DDNS command injection

A vulnerability marked as critical has been reported in Wavlink WL-WN570HA1 R70HA1 V1410_221110. The affected element is the function ping_ddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument DDNS results in command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is identified as CVE-2026-7692. The attack can be initiated remotely. Additionally, an exploit exists.

Once again the vendors acted very professional and confirms, “that the WN570HA1 firmware version R70HA1 V1410_221110 has been removed from our website.”VulDB Recent EntriesRead More