What is the CVSS score of CVE-2025-50756?

CVE-2025-50756 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 1.3%.

Which versions of Wn535k3 Firmware are affected by CVE-2025-50756?

A critical command injection vulnerability (CVE-2025-50756, CVSS 9.8) affecting Wavlink WN535K3 devices allows unauthenticated attackers to execute arbitrary commands and gain complete system…

Is there a public PoC exploit available for CVE-2025-50756?

Yes, a public proof-of-concept exploit is available for CVE-2025-50756. Prioritise patching immediately. EPSS: 1.3%.

How to fix or mitigate CVE-2025-50756?

Within 24 hours: Immediately inventory all Wavlink WN535K3 devices across the organization and isolate affected units from production networks if they are internet-facing. Within 7 days: Implement network segmentation to restrict administrative access to these devices and deploy WAF/IDS rules to detect exploitation attempts. Within 30 days: Plan device replacement or decommissioning as no patch is available; contact Wavlink for guidance on available firmware updates or EOL status.

Wn535k3 Firmware CVE-2025-50756

EUVD-2025-21351 CRITICAL

Command Injection (CWE-77)

2025-07-14 cve@mitre.org

Command Injection Wn535k3 Firmware

9.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

9.8 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 16, 2026 - 09:43 euvd

EUVD-2025-21351

Analysis Generated

Mar 16, 2026 - 09:43 vuln.today

PoC Detected

Oct 03, 2025 - 00:43 vuln.today

Public exploit code

CVE Published

Jul 14, 2025 - 15:15 nvd

CRITICAL 9.8

DescriptionCVE.org

Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the set_sys_adm function via the newpass parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

AnalysisAI

CVE-2025-50756 is a critical unauthenticated command injection vulnerability in the Wavlink WN535K3 router (firmware version 20191010) affecting the set_sys_adm function's newpass parameter. An unauthenticated remote attacker can execute arbitrary system commands with root privileges by sending a crafted request, enabling complete device compromise including data theft, malware installation, and lateral network movement. The CVSS 9.8 score reflects maximum severity; KEV status and active exploitation likelihood are elevated given the high exploitability characteristics (network-accessible, no authentication required, low attack complexity).

Technical ContextAI

The vulnerability stems from improper input validation and sanitization in the set_sys_adm administrative function, classified as CWE-77 (Improper Neutralization of Special Elements used in a Command). The Wavlink WN535K3 is a consumer-grade WiFi router running embedded Linux firmware. The newpass parameter, intended for password updates, fails to properly escape or filter shell metacharacters and command separators (e.g., semicolons, pipes, command substitution operators), allowing OS command injection. The firmware version 20191010 indicates this is legacy hardware; affected CPE would be: cpe:2.3:o:wavlink:wn535k3_firmware:20191010:*:*:*:*:*:*:*. The vulnerability likely exists in the HTTP/HTTPS web interface or UPnP service that handles administrative requests, common attack surfaces for router exploitation.

RemediationAI

Immediate Actions: (1) Check Wavlink's official firmware repository and security advisory page for patched firmware versions newer than 20191010—download and apply via the device's web interface (System Settings > Firmware Update) or via TFTP if web interface is compromised; (2) If no patch is available, implement network-level mitigations: restrict HTTP/HTTPS access to the router's management interface via firewall rules (limit to trusted administrative subnets only), disable remote management features in router settings, and segment the router's management network from general user traffic; (3) Change default credentials immediately if not already done; (4) Isolate affected devices to air-gapped or highly restricted networks if patching is unavailable; (5) Long-term: replace end-of-life hardware with modern routers receiving active firmware updates (Wavlink models post-2020+ with active vendor support). Contact Wavlink technical support at support.wavlink.com or sales@wavlink.com for patch availability confirmation and extended support options.

CVE-2025-50756 vulnerability details – vuln.today

Back

Wn535k3 Firmware CVE-2025-50756

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code