PT-2025-44186 · Wavlink · Wl-Wn530Hg3+1
Published
2025-10-28
·
Updated
2025-11-03
·
CVE-2025-61128
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
WAVLINK QUANTUM D3G/WL-WN530HG3 firmware version M30HG3 V240730
Description
A stack-based buffer overflow exists in WAVLINK QUANTUM D3G/WL-WN530HG3 firmware version M30HG3 V240730, and potentially other WAVLINK models. This allows attackers to execute arbitrary code by sending a crafted
referrer value in a POST request to the ''login.cgi'' endpoint. The vulnerability is triggered when processing the referrer parameter.Recommendations
Versions prior to M30HG3 V240730 should be updated.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wavlink Quantum D3G
Wl-Wn530Hg3