CNNVD-202509-3934 Information
CNNVD ID
CNNVD-202509-3934
Related CVE
- CNNVD Published: 2025-09-25
Description (Chinese)
Wavlink NU516U1是中国睿因(Wavlink)公司的一款无线打印服务器。 Wavlink NU516U1 M16U1_V240425版本存在命令注入漏洞,该漏洞源于对文件/cgi-bin/wireless.cgi中组件DeleteMac Page的参数delete_list的错误操作,可能导致远程命令注入攻击。
Description (English)
Wavlink NU516U1 is a wireless printing server for Wavlink. The Wavlink NU516U1 M16U1 V240425 version contains a command-injecting loophole, which results from a mishandling of the parameter of the DeleteMac Page component in document/cgi-bin/wireless.cgi, which could lead to a remote command-injection attack.
Hazard Level
High
Vulnerability Type
命令注入
Affected Vendor
Web Wiz
Published
2025-09-25
Last Modified
2026-02-24
References
https://github.com/panda666-888/vuls/blob/main/wavlink/nu516u1/DeleteMac.md https://github.com/panda666-888/vuls/blob/main/wavlink/nu516u1/DeleteMac.md#poc https://vuldb.com/?ctiid.325828 https://vuldb.com/?id.325828 https://vuldb.com/?submit.652780
Share on: