CVE-2026-8229 | Wavlink NU516U1 240425 /cgi-bin/wireless.cgi WifiBasic AuthMethod/EncrypType os command injection

Inserito da Angelo Barbosa | Mag 9, 2026 | CVE

A vulnerability classified as critical has been found in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection.

This vulnerability is known as CVE-2026-8229. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure.

CVE-2026-8229 | Wavlink NU516U1 240425 /cgi-bin/wireless.cgi WifiBasic AuthMethod/EncrypType os command injection

Post correlati

CVE-2025-26091 | TeamPasswordManager up to 12.162.284 New Password name cross site scripting

CVE-2024-39097 | Gnuboard g6 up to 6.0.4 Login url redirect

CVE-2023-49566 | Apache Linkis DataSource up to 1.5.0 JDBC Datasource Module of injection

CVE-2024-6244 | PZ Frontend Manager Plugin up to 1.0.5 on WordPress cross-site request forgery