Отправить #768292: Wavlink WL-WN578W2 V221110 Command InjectionИнформация

Название	Wavlink WL-WN578W2 V221110 Command Injection
Описание	A vulnerability has been found in Wavlink WL-WN578W2 V221110. This vulnerability can be triggered through the route /cgi-bin/wireless.cgi. The manipulation of the argument delete_list and the delete_2g_mac leads to command injection.The attack is possible to be carried out remotely. Attackers can send POST requests with page=DeleteMac to inject arbitrary root-level commands—no login required.
Источник	⚠️ https://github.com/Litengzheng/vul_db/blob/main/WL-WN578W2/vul_1/README.md
Пользователь	LtzHust (UID 95660)
Представление	26.02.2026 18:15 (2 месяцы назад)
Модерация	14.03.2026 13:21 (16 days later)
Статус	принято
Запись VulDB	351071 [Wavlink WL-WN578W2 221110 POST Request /cgi-bin/wireless.cgi Delete_Mac_list/SetName/GuestWifi эскалация привилегий]
Баллы	20

Interested in the pricing of exploits?

See the underground prices here!