Which versions of Wavlink WL-NU516U1 are affected by CVE-2026-4861?

A critical vulnerability in Wavlink WL-NU516U1 NAS devices allows attackers with basic credentials to gain complete system control, posing immediate risk to data confidentiality, integrity, and…

Is there a public PoC exploit available for CVE-2026-4861?

Yes, a public proof-of-concept exploit is available for CVE-2026-4861. Prioritise patching immediately. EPSS: 0.0%.

Wavlink WL-NU516U1 CVE-2026-4861

Q: What is the CVSS score of CVE-2026-4861?

CVE-2026-4861 has a CVSS 4.0 base score of 7.4 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-16146 HIGH

Stack-based Buffer Overflow (CWE-121)

2026-03-26 VulDB

Buffer Overflow Stack Overflow

7.4

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

PoC Detected

Mar 30, 2026 - 13:26 vuln.today

Public exploit code

EUVD ID Assigned

Mar 26, 2026 - 08:45 euvd

EUVD-2026-16146

Analysis Generated

Mar 26, 2026 - 08:45 vuln.today

CVE Published

Mar 26, 2026 - 08:18 nvd

HIGH 7.4

DescriptionNVD

A weakness has been identified in Wavlink WL-NU516U1 260227. This vulnerability affects the function ftext of the file /cgi-bin/nas.cgi. This manipulation of the argument Content-Length causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Remote attackers can exploit a stack-based buffer overflow in the /cgi-bin/nas.cgi endpoint of Wavlink WL-NU516U1 by manipulating the Content-Length parameter to achieve unauthenticated remote code execution. Public exploit code is available for this vulnerability, and no patch has been released despite vendor notification. …

RemediationAI

Within 24 hours: Identify all Wavlink WL-NU516U1 devices in your environment and isolate them from production networks if possible; restrict administrative access and monitor for suspicious activity. Within 7 days: Evaluate replacement or decommissioning of affected devices; if retention is necessary, implement network segmentation and WAF rules to block malicious Content-Length parameters to the /cgi-bin/nas.cgi endpoint. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-4861 vulnerability details – vuln.today

Back

Wavlink WL-NU516U1 CVE-2026-4861

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

Wavlink WL-NU516U1 CVE-2026-4861

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code