CVE-2026-3613 | Wavlink WL-NU516U1 V240425 /cgi-bin/login.cgi sub_401A0C ipaddr stack-based overflow

Inserito da Angelo Barbosa | Mar 5, 2026 | CVE

A vulnerability was found in Wavlink WL-NU516U1 V240425 and classified as critical. This vulnerability affects the function sub_401A0C of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr leads to stack-based buffer overflow.

This vulnerability is referenced as CVE-2026-3613. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure.

CVE-2026-3613 | Wavlink WL-NU516U1 V240425 /cgi-bin/login.cgi sub_401A0C ipaddr stack-based overflow

Post correlati

CVE-2024-57928 | Linux Kernel up to 6.12.9/6.13-rc6 netfs_read_to_pagecache buffer overflow

CVE-2024-47777 | GStreamer up to 1.24.9 gstwavparse.c gst_wavparse_smpl_chunk out-of-bounds (GHSL-2024-259)

CVE-2024-11195 | Email Subscription Popup Plugin up to 1.2.22 on WordPress Shortcode print_email_subscribe_form cross site scripting

CVE-2024-46702 | Linux Kernel up to 5.10.224/5.15.165/6.1.106/6.6.47/6.10.6 thunderbolt tb_disconnect_xdomain_paths Privilege Escalation