| Title | Wavlink NU516U1 M16U1_V240425 Command Injection |
|---|
| Description | Wavlink NU516U1 M16U1_V240425 were discovered to contain a command injection via the del_flag parameter in the sub_4016F0 function of the file firewall.cgi. |
|---|
| Source | ⚠️ https://github.com/panda666-888/vuls/blob/main/wavlink/nu516u1/singlePortForwardDelete.md |
|---|
| User | panda_0x1 (UID 87576) |
|---|
| Submission | 09/11/2025 17:59 (8 months ago) |
|---|
| Moderation | 09/25/2025 12:07 (14 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 325831 [Wavlink NU516U1 M16U1_V240425 /cgi-bin/firewall.cgi sub_4016F0 del_flag command injection] |
|---|
| Points | 16 |
|---|