Wl Wn578w2

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-4164 CRITICAL POC PATCH Act Now

Critical command injection vulnerability in Wavlink WL-WN578W2 wireless routers (firmware version 221110) that allows unauthenticated remote attackers to execute arbitrary commands via specially crafted POST requests to multiple functions in the wireless.cgi script. A public proof-of-concept exploit is available on GitHub, and the vendor has released a patch, making this a high-priority issue for immediate remediation despite no current KEV listing.

Command Injection Wl Wn578w2

NVD VulDB GitHub

CVSS 3.1

9.8

EPSS

0.2%

CVE-2026-4164

EPSS 0% CVSS 9.8

CRITICAL POC PATCH Act Now

Critical command injection vulnerability in Wavlink WL-WN578W2 wireless routers (firmware version 221110) that allows unauthenticated remote attackers to execute arbitrary commands via specially crafted POST requests to multiple functions in the wireless.cgi script. A public proof-of-concept exploit is available on GitHub, and the vendor has released a patch, making this a high-priority issue for immediate remediation despite no current KEV listing.

Command Injection Wl Wn578w2

NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy