CVE-2026-4163 | Wavlink WL-WN579A3 220323 POST Request /cgi-bin/wireless.cgi SetName/GuestWifi command injection

Inserito da Angelo Barbosa | Mar 14, 2026 | CVE

A vulnerability was found in Wavlink WL-WN579A3 220323. It has been classified as critical. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection.

This vulnerability is cataloged as CVE-2026-4163. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Upgrading the affected component is recommended.

CVE-2026-4163 | Wavlink WL-WN579A3 220323 POST Request /cgi-bin/wireless.cgi SetName/GuestWifi command injection

Post correlati

CVE-2026-23532 | FreeRDP up to 3.20.x gdi_SurfaceToSurface heap-based overflow (GHSA-fq8c-87hj-7gvr)

CVE-2023-4637 | WPvivid Plugin up to 0.9.94 on WordPress authorization

CVE-2025-50178 | JuliaWeb GitForge.jl up to 0.4.2 on GitHub GitForge.get_repo information disclosure

CVE-2024-39708 | Delinea Privilege Manager prior 12.0.1096 on Windows DLL uncontrolled search path