St4R

**Name of the Vulnerable Software and Affected Versions** D-Link DNS-320 version 2.06B01 **Description** A weakness in the '/cgi-bin/system mgr.cgi' file allows for remote OS command injection. This issue affects the `cgi set host()`, `cgi set ntp()`, `cgi fan control()`, and `cgi merge user()` functions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC6 version 15.03.06.23 **Description** A remote OS command injection exists in the `httpd` component. The issue occurs within the `get log file()` function of the '/goform/getLogFile' endpoint, where improper manipulation of the `wans.flag` argument allows for the execution of arbitrary operating system commands. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the '/goform/getLogFile' endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** D-Link DNS-320 version 2.06B01 **Description** Remote OS command injection is possible via the '/cgi-bin/network mgr.cgi' endpoint. The issue exists within the functions `cgi speed()`, `cgi dhcpd lease()`, `cgi ddns()`, `cgi set ip()`, `cgi upnp del()`, `cgi dhcpd()`, `cgi upnp add()`, and `cgi upnp edit()`. This allows a remote attacker to execute arbitrary operating system commands on the device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DNS-320 version 2.06B01 **Description** A flaw in the '/cgi-bin/webfile mgr.cgi' endpoint allows remote attackers to perform OS command injection. This occurs through the manipulation of the `delete`, `rename`, `copy`, `move`, `chmod`, and `chown` functions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC6 version 15.03.06.23 **Description** A weakness in the `httpd` component allows remote OS command injection. The issue exists within the `formWifiApScan()` function located in the `/goform/WifiApScan` endpoint. An attacker can trigger this by manipulating the `wl2g.public.country` or `wl5g.public.country` arguments. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `/goform/WifiApScan` endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Tenda AC6 2.0 version 15.03.06.23 **Description** An OS command injection issue exists in the httpd component within the '/goform/telnet' file. This occurs when the `lan.ip` argument is manipulated, allowing for remote exploitation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC6 version 15.03.06.49 multi TDE01 **Description** A flaw in the `httpd` component allows remote attackers to perform OS command injection. The issue exists within the `fromSetWirelessRepeat()` function located in the '/goform/WifiExtraSet' endpoint, where manipulating the `mac` or `ssid` arguments enables the execution of arbitrary operating system commands. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the '/goform/WifiExtraSet' endpoint or avoid using the `mac` and `ssid` parameters within that endpoint.

**Name of the Vulnerable Software and Affected Versions** Wavlink WL-WN530H4 versions prior to 2026.04.16 **Description** OS command injection is possible in the '/cgi-bin/internet.cgi' file through the manipulation of the `strcat()` and `snprintf()` functions. This issue allows a remote attacker to execute arbitrary operating system commands. **Recommendations** Update to version 2026.04.16.