Which versions of WDR201A WiFi Extender are affected by CVE-2026-41922?

The WDR201A WiFi Extender (firmware LFMZX28040922V1.02 and earlier) contains a critical remote code execution vulnerability allowing unauthenticated attackers to execute arbitrary commands with root…

Is there a public PoC exploit available for CVE-2026-41922?

Yes, a public proof-of-concept exploit is available for CVE-2026-41922. Prioritise patching immediately. EPSS: 0.9%.

WDR201A WiFi Extender CVE-2026-41922

Q: What is the CVSS score of CVE-2026-41922?

CVE-2026-41922 has a CVSS 4.0 base score of 9.3 (Critical). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.9%.

EUVD-2026-27117 CRITICAL

OS Command Injection (CWE-78)

2026-05-04 VulnCheck

RCE Command Injection

9.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

May 04, 2026 - 22:15 vuln.today

CVSS changed

May 04, 2026 - 20:22 NVD

9.3 (CRITICAL)

DescriptionNVD

WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the wireless.cgi binary that allow unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the sz11gChannel or PIN POST parameters. Attackers can exploit unsanitized parameter handling in the set_wifi_basic and set_wifi_do_wps functions to achieve remote code execution without authentication.

AnalysisAI

Remote code execution in WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) allows unauthenticated network attackers to execute arbitrary shell commands via OS command injection in the wireless.cgi binary. Attackers exploit unsanitized sz11gChannel or PIN POST parameters in set_wifi_basic and set_wifi_do_wps functions to achieve root-level code execution without authentication. …

RemediationAI

Within 24 hours: Inventory all WDR201A devices in your environment and isolate affected units from production networks if firmware update is unavailable. Within 7 days: Contact the device manufacturer for emergency firmware patch status and timeline; if no patch is available, implement network segmentation to restrict access to the extender's management interface (port 80/443) to trusted administrative systems only. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-41922 vulnerability details – vuln.today

Back

WDR201A WiFi Extender CVE-2026-41922

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

WDR201A WiFi Extender CVE-2026-41922

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code