Which versions of WDR201A WiFi Extender are affected by CVE-2026-41923?

WDR201A WiFi Extender firmware v1.02 contains a critical unauthenticated remote code execution vulnerability (CVE-2026-41923) that allows attackers to execute arbitrary commands on internet-exposed…

Is there a public PoC exploit available for CVE-2026-41923?

Yes, a public proof-of-concept exploit is available for CVE-2026-41923. Prioritise patching immediately. EPSS: 0.5%.

WDR201A WiFi Extender CVE-2026-41923

Q: What is the CVSS score of CVE-2026-41923?

CVE-2026-41923 has a CVSS 4.0 base score of 9.3 (Critical). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.5%.

EUVD-2026-27120 CRITICAL

OS Command Injection (CWE-78)

2026-05-04 VulnCheck

Command Injection

9.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

May 04, 2026 - 22:15 vuln.today

CVSS changed

May 04, 2026 - 20:22 NVD

9.3 (CRITICAL)

DescriptionNVD

WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the internet.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the gateway POST parameter. Attackers can exploit unsanitized parameter concatenation in the set_add_routing function to inject shell commands that are executed via popen() with partial output reflected in the HTTP response.

AnalysisAI

OS command injection in WDR201A WiFi Extender firmware v1.02 allows unauthenticated remote attackers to execute arbitrary shell commands via the gateway parameter in internet.cgi. Exploitation requires no user interaction or authentication against internet-exposed devices. …

RemediationAI

Within 24 hours: Inventory all WDR201A WiFi Extender devices on network; identify those with internet-facing gateway parameter access; isolate or air-gap affected units immediately. Within 7 days: Remove WDR201A devices from production and replace with actively maintained alternatives; if removal impossible, implement network segmentation restricting device access to isolated VLANs. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-41923 vulnerability details – vuln.today

Back

WDR201A WiFi Extender CVE-2026-41923

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

WDR201A WiFi Extender CVE-2026-41923

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code