PT-2025-39436 · Wavlink · M16U1 V240425+1
Panda_0X1
·
Publicado
2025-09-11
·
Atualizado
2025-09-25
·
CVE-2025-10961
CVSS v3.1
8.0
Alta
| Vetor | AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Wavlink NU516U1 M16U1 V240425
Description
A flaw exists in the function
sub 4030C0 within the file /cgi-bin/wireless.cgi of the Delete Mac list Page component. Manipulation of the delete list argument can result in command injection. The vendor was contacted regarding this issue but did not respond.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Command Injection
Special Elements Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
M16U1 V240425
Wavlink Nu516U1