Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
8DescriptionCVE.org
A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading the affected component is recommended.
AnalysisAI
Critical command injection vulnerability in Wavlink WL-WN579A3 wireless router firmware version 220323, allowing unauthenticated remote attackers to execute arbitrary commands via the SetName/GuestWifi functions in /cgi-bin/wireless.cgi. A public proof-of-concept exploit is available, and while a vendor patch exists, the vulnerability has not yet been added to CISA's KEV catalog despite its high severity (CVSS 9.8).
Technical ContextAI
The vulnerability affects the Wavlink WL-WN579A3 wireless access point/router (CPE: cpe:2.3:a:wavlink:wl-wn579a3:*:*:*:*:*:*:*:*). It stems from improper input validation in the POST request handler, specifically in the SetName and GuestWifi functions within the /cgi-bin/wireless.cgi script. This is a classic command injection vulnerability (CWE-77), where user-supplied input is passed to system commands without proper sanitization, allowing attackers to inject arbitrary OS commands that execute with the privileges of the web server process.
RemediationAI
Immediate patching is strongly recommended. Wavlink has released a patched firmware version dated 2026-03-10 (build 94f93d4) available at: https://dl.wavlink.com/firmware/RD/WINSTAR_WN579A3-A-2026-03-10-94f93d4-WO-mt7628-squashfs-sysupgrade.bin. As a temporary mitigation, restrict access to the device's web interface to trusted networks only and disable remote management features if possible. Monitor for suspicious POST requests to /cgi-bin/wireless.cgi, particularly those targeting SetName or GuestWifi functions.
More in Wl Wn579a3
View allSame weakness CWE-77 – Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-12192