CVE-2026-4163 | Wavlink WL-WN579A3 220323 POST Request /cgi-bin/wireless.cgi SetName/GuestWifi command injection

Inserito da Angelo Barbosa | Mar 14, 2026 | CVE

A vulnerability was found in Wavlink WL-WN579A3 220323. It has been classified as critical. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection.

This vulnerability is cataloged as CVE-2026-4163. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Upgrading the affected component is recommended.

CVE-2026-4163 | Wavlink WL-WN579A3 220323 POST Request /cgi-bin/wireless.cgi SetName/GuestWifi command injection

Post correlati

CVE-2024-44684 | TpMeCMS 1.3.3.2 /h.php/page Title/Images/Content cross site scripting

CVE-2025-24867 | SAP BusinessObjects Platform BI Launchpad unprotected cross site scripting

CVE-2020-26310 | blowsie Pure-JavaScript-HTML5-Parser 2020 redos (ID 14)

CVE-2025-7615 | TOTOLINK T6 4.1.5cu.748 HTTP POST Request /cgi-bin/cstecgi.cgi clearPairCfg ip command injection