CVE-2026-3715 | Wavlink WL-WN579X3-C 231124 /cgi-bin/firewall.cgi sub_40139C del_flag stack-based overflow

A vulnerability identified as critical has been detected in Wavlink WL-WN579X3-C 231124. This affects the function sub_40139C of the file /cgi-bin/firewall.cgi. Performing a manipulation of the argument del_flag results in stack-based buffer overflow.

This vulnerability is cataloged as CVE-2026-3715. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

You should upgrade the affected component.

The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

CVE-2026-3715 | Wavlink WL-WN579X3-C 231124 /cgi-bin/firewall.cgi sub_40139C del_flag stack-based overflow

Post correlati

CVE-2025-2158 | Review Plugin up to 5.3.5 on WordPress register_argc_argv file inclusion

CVE-2025-4729 | TOTOLINK A3002R/A3002RU 3.0.0-B20230809.1615 HTTP POST Request /boafrm/formMapDelDevice macstr command injection

CVE-2026-2615 | Wavlink WL-NU516U1 up to 20251208 /cgi-bin/firewall.cgi singlePortForwardDelete del_flag command injection

CVE-2024-27326 | Tracker Software PDF-XChange Editor XPS File Parser out-of-bounds