Wl Nu516u1 Firmware
Monthly
Wavlink NU516U1 firmware 251208 has a buffer overflow enabling remote code execution through crafted HTTP requests to the CGI interface.
Command injection in Wavlink NU516U1 firmware's firewall CGI component allows authenticated remote attackers to execute arbitrary commands with network access. Public exploit code exists for this vulnerability, which stems from an incomplete fix of a prior CVE. A patch is not currently available, though the vendor has been notified and indicated a fix is in development.
Command injection in Wavlink WL-NU516U1 firmware allows remote attackers with high privileges to execute arbitrary commands through the Pr_mode parameter in /cgi-bin/adm.cgi. Public exploit code exists for this vulnerability, and no patch is currently available. The impact is limited to confidentiality, integrity, and availability of the affected device.
Command injection in Wavlink WL-NU516U1 firmware allows remote attackers with high privileges to execute arbitrary commands through the model parameter in the OTA upgrade function. Public exploit code exists for this vulnerability, and no patch is currently available. The impact is limited to confidentiality, integrity, and availability of the affected device.
Stack-based buffer overflow in Wavlink WL-NU516U1 firmware's login.cgi allows remote attackers with high privileges to achieve complete system compromise through a malformed ipaddr parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw enables unauthenticated remote code execution with full read, write, and execution capabilities on affected devices.
Remote code execution in Wavlink WL-NU516U1 firmware allows unauthenticated attackers to execute arbitrary commands through the firmware_url parameter in the OTA upgrade function, requiring only high-level privileges to trigger. Public exploit code exists for this vulnerability and no patch is currently available, making it an immediate risk for affected devices.
Wl-Nu516U1 Firmware versions up to 20251208. contains a vulnerability that allows attackers to command injection (CVSS 7.2).
Remote code execution in Wavlink WL-NU516U1 firmware through a stack-based buffer overflow in the nas.cgi User1Passwd parameter allows unauthenticated network attackers to achieve full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Stack overflow in Wavlink WL-NU516U1 firmware's /cgi-bin/adm.cgi allows remote attackers with high privileges to achieve code execution via a malicious time_zone parameter. Public exploit code exists for this vulnerability, though exploitation requires high complexity and the vendor has not released a patch.
A weakness has been identified in Wavlink NU516U1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was identified in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was determined in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A flaw has been found in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A security vulnerability has been detected in Wavlink WL-NU516U1 240425. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was determined in Wavlink WL-NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Wavlink NU516U1 firmware 251208 has a buffer overflow enabling remote code execution through crafted HTTP requests to the CGI interface.
Command injection in Wavlink NU516U1 firmware's firewall CGI component allows authenticated remote attackers to execute arbitrary commands with network access. Public exploit code exists for this vulnerability, which stems from an incomplete fix of a prior CVE. A patch is not currently available, though the vendor has been notified and indicated a fix is in development.
Command injection in Wavlink WL-NU516U1 firmware allows remote attackers with high privileges to execute arbitrary commands through the Pr_mode parameter in /cgi-bin/adm.cgi. Public exploit code exists for this vulnerability, and no patch is currently available. The impact is limited to confidentiality, integrity, and availability of the affected device.
Command injection in Wavlink WL-NU516U1 firmware allows remote attackers with high privileges to execute arbitrary commands through the model parameter in the OTA upgrade function. Public exploit code exists for this vulnerability, and no patch is currently available. The impact is limited to confidentiality, integrity, and availability of the affected device.
Stack-based buffer overflow in Wavlink WL-NU516U1 firmware's login.cgi allows remote attackers with high privileges to achieve complete system compromise through a malformed ipaddr parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw enables unauthenticated remote code execution with full read, write, and execution capabilities on affected devices.
Remote code execution in Wavlink WL-NU516U1 firmware allows unauthenticated attackers to execute arbitrary commands through the firmware_url parameter in the OTA upgrade function, requiring only high-level privileges to trigger. Public exploit code exists for this vulnerability and no patch is currently available, making it an immediate risk for affected devices.
Wl-Nu516U1 Firmware versions up to 20251208. contains a vulnerability that allows attackers to command injection (CVSS 7.2).
Remote code execution in Wavlink WL-NU516U1 firmware through a stack-based buffer overflow in the nas.cgi User1Passwd parameter allows unauthenticated network attackers to achieve full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Stack overflow in Wavlink WL-NU516U1 firmware's /cgi-bin/adm.cgi allows remote attackers with high privileges to achieve code execution via a malicious time_zone parameter. Public exploit code exists for this vulnerability, though exploitation requires high complexity and the vendor has not released a patch.
A weakness has been identified in Wavlink NU516U1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was identified in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was determined in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A flaw has been found in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A security vulnerability has been detected in Wavlink WL-NU516U1 240425. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was determined in Wavlink WL-NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.