CVE-2026-4861 | Wavlink WL-NU516U1 260227 /cgi-bin/nas.cgi ftext Content-Length stack-based overflow

Inserito da Angelo Barbosa | Mar 25, 2026 | CVE

A vulnerability classified as critical has been found in Wavlink WL-NU516U1 260227. This vulnerability affects the function ftext of the file /cgi-bin/nas.cgi. This manipulation of the argument Content-Length causes stack-based buffer overflow.

This vulnerability is handled as CVE-2026-4861. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4861 | Wavlink WL-NU516U1 260227 /cgi-bin/nas.cgi ftext Content-Length stack-based overflow

Post correlati

CVE-2025-25727 | Bosscomm IF740 11001.7078/11001.0000 missing encryption

CVE-2024-28405 | SEMCMS 4.8 SEMCMS_Funtion.php access control

CVE-2025-13714 | Tencent MedicalNet generate_model deserialization (ZDI-25-1031)

CVE-2024-2862 | LG Electronics LED Assistant 2.1.65 Password improper authentication