PT-2026-33435 · Wavlink · Wl-Wn530H4

St4R

·

Published

2026-04-17

·

Updated

2026-04-17

·

CVE-2026-6483

CVSS v2.0

8.3

High

VectorAV:N/AC:L/Au:M/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Wavlink WL-WN530H4 versions prior to 2026.04.16
Description OS command injection is possible in the '/cgi-bin/internet.cgi' file through the manipulation of the strcat() and snprintf() functions. This issue allows a remote attacker to execute arbitrary operating system commands.
Recommendations Update to version 2026.04.16.

Exploit

Fix

RCE

Command Injection

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-77CWE-78

Related Identifiers

CVE-2026-6483

Affected Products

Wl-Wn530H4