Security Advisory

CVE-2026-3612

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-06 00:32:10

Last updated 2026-03-09 15:31:47

Assigner VulDB

State PUBLISHED

Description

A vulnerability was determined in Wavlink WL-NU516U1 V240425. This affects the function sub_405AF4 of the file /cgi-bin/adm.cgi of the component OTA Online Upgrade. This manipulation of the argument firmware_url causes command injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure.

← Browse all CVEs View on cve.org ↗