CNNVD-202509-3927 Information
CNNVD ID
CNNVD-202509-3927
Related CVE
- CNNVD Published: 2025-09-25
Description (Chinese)
Wavlink NU516U1是中国睿因(Wavlink)公司的一款无线打印服务器。 Wavlink NU516U1 M16U1_V240425存在命令注入漏洞,该漏洞源于文件/cgi-bin/firewall.cgi中函数sub_4016F0对参数del_flag的错误操作,可能导致远程命令注入攻击。
Description (English)
Wavlink NU516U1 is a wireless printing server for Wavlink. Wavlink NU516U1 M16U1 V240425 has a command-injecting loophole, which stems from the error of the function sub 4016F0 against parameter del flag in file/cgi-bin/firewall.cgi, which may result in a remote command-injecting attack.
Hazard Level
High
Vulnerability Type
命令注入
Affected Vendor
Web Wiz
Published
2025-09-25
Last Modified
2026-02-24
References
https://github.com/panda666-888/vuls/blob/main/wavlink/nu516u1/singlePortForwardDelete.md https://github.com/panda666-888/vuls/blob/main/wavlink/nu516u1/singlePortForwardDelete.md#poc https://vuldb.com/?ctiid.325831 https://vuldb.com/?id.325831 https://vuldb.com/?submit.652784
Share on: