CNNVD-202509-1798 Information
Sep 12, 2025
cve
CNNVD ID
CNNVD-202509-1798
Related CVE
- CNNVD Published: 2025-09-12
Description (Chinese)
Wavlink WL-WN578W2是中国睿因(Wavlink)公司的一款无线中继器。 Wavlink WL-WN578W2 221110版本存在命令注入漏洞,该漏洞源于对文件/wizard_rep.shtml中函数sub_409184的参数sel_EncrypTyp的错误操作,可能导致远程命令注入攻击。
Description (English)
Wavlink WL-WN578W2 is a wireless repeater of Wavlink. The Wavlink WL-WN578W2221110 version contains a command-injecting loophole, which stems from an error in the parameter sel EncrypTyp for function sub 409184 in document/wizard rep.shtml, which may result in a remote command-injection attack.
Hazard Level
Medium
Vulnerability Type
命令注入
Affected Vendor
睿因
Published
2025-09-12
Last Modified
2026-02-24
References
https://github.com/ZZ2266/.github.io/tree/main/WAVLINK/WL-WN578W2/adm.cgi/wizard_rep.shtml https://vuldb.com/?ctiid.323749 https://vuldb.com/?id.323749 https://vuldb.com/?submit.643434 https://access.redhat.com/security/cve/cve-2025-10323
Share on: