Skip to main content

Wavlink WL-WN570HA1 EUVDEUVD-2026-26830

| CVE-2026-7691 LOW
Command Injection (CWE-77)
2026-05-03 VulDB
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

7
Severity Changed
May 03, 2026 - 11:22 NVD
MEDIUM LOW
CVSS changed
May 03, 2026 - 11:22 NVD
6.3 (MEDIUM) 2.1 (LOW)
PoC Detected
May 03, 2026 - 11:16 vuln.today
Public exploit code
Analysis Generated
May 03, 2026 - 11:00 vuln.today
EUVD ID Assigned
May 03, 2026 - 10:45 euvd
EUVD-2026-26830
Analysis Generated
May 03, 2026 - 10:45 vuln.today
CVE Published
May 03, 2026 - 10:15 nvd
LOW 2.1

DescriptionCVE.org

A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410_221110. Impacted is the function set_sys_cmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument command leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Once again the vendors acted very professional and confirms, "that the WN570HA1 firmware version R70HA1 V1410_221110 has been removed from our website." This vulnerability only affects products that are no longer supported by the maintainer.

AnalysisAI

Command injection in Wavlink WL-WN570HA1 firmware version R70HA1 V1410_221110 allows authenticated remote attackers to execute arbitrary system commands via manipulation of the command argument in the set_sys_cmd function of /cgi-bin/adm.cgi. The vulnerability has publicly available exploit code and affects only discontinued products no longer maintained by the vendor.

Technical ContextAI

The vulnerability exists in the CGI script /cgi-bin/adm.cgi on Wavlink WL-WN570HA1 wireless networking devices. The set_sys_cmd function fails to properly sanitize or validate the command parameter before passing it to system execution routines, enabling CWE-77 (Improper Neutralization of Special Elements used in a Command). This is a classic command injection flaw where untrusted user input is directly concatenated into shell commands without escaping or validation. The attack vector is network-based, targeting the web administration interface of the router.

RemediationAI

No vendor-released patch is available for this discontinued product. The vendor has confirmed the affected firmware version R70HA1 V1410_221110 is no longer supported. Primary remediation requires hardware replacement with a current Wavlink model or alternative vendor equipment. If replacement is not immediately feasible, implement compensating controls: restrict network access to /cgi-bin/adm.cgi to trusted administrative IP ranges using firewall rules, disable remote web management and access the device only via local network when necessary, change default administrative credentials if not already customized, and isolate affected devices on a segmented network with minimal trust relationships to critical systems. These controls reduce but do not eliminate risk; complete hardware replacement is the only permanent solution.

Share

EUVD-2026-26830 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy