CVE-2026-6483 | Wavlink WL-WN530H4 20220721 /cgi-bin/internet.cgi strcat/snprintf os command injection

Inserito da Angelo Barbosa | Apr 17, 2026 | CVE

A vulnerability described as critical has been identified in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection.

This vulnerability is known as CVE-2026-6483. It is possible to launch the attack remotely. Furthermore, an exploit is available.

Upgrading the affected component is recommended.

CVE-2026-6483 | Wavlink WL-WN530H4 20220721 /cgi-bin/internet.cgi strcat/snprintf os command injection

Post correlati

CVE-2025-7227 | INVT VT-Designer PM3 File Parser out-of-bounds write

CVE-2022-26388 | Welch Allyn MLBUR 280 hard-coded password (icsma-22-167-01)

CVE-2024-8130 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/s3.cgi cgi_s3 f_a_key command injection (SAP10383)

CVE-2023-52383 | Huawei HarmonyOS/EMUI 3.0.0/3.1.0/4.0.0 RSMC Module double free