PT-2026-33435 · Wavlink · Wl-Wn530H4
St4R
·
Published
2026-04-17
·
Updated
2026-04-17
·
CVE-2026-6483
CVSS v2.0
8.3
High
| Vector | AV:N/AC:L/Au:M/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Wavlink WL-WN530H4 versions prior to 2026.04.16
Description
OS command injection is possible in the '/cgi-bin/internet.cgi' file through the manipulation of the
strcat() and snprintf() functions. This issue allows a remote attacker to execute arbitrary operating system commands.Recommendations
Update to version 2026.04.16.
Exploit
Fix
RCE
OS Command Injection
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Wl-Wn530H4