CNNVD-202509-3935 Information

CNNVD ID

CNNVD-202509-3935

Related CVE

CVE-2025-10959

• CNNVD Published: 2025-09-25

Description (Chinese)

Wavlink NU516U1是中国睿因（Wavlink）公司的一款无线打印服务器。 Wavlink NU516U1 M16U1_V240425版本存在命令注入漏洞，该漏洞源于对文件/cgi-bin/firewall.cgi中函数sub_401778的参数dmz_flag的错误操作，可能导致远程命令注入。

Description (English)

Wavlink NU516U1 is a wireless printing server for Wavlink. The Wavlink NU516U1 M16U1 V240425 version contains a command-injecting loophole that results from an error in the parameter dmz flag of sub 401778 in file/cgi-bin/firewall.cgi.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

Web Wiz

Published

2025-09-25

Last Modified

2026-02-24

References

https://github.com/panda666-888/vuls/blob/main/wavlink/nu516u1/DMZ.md https://github.com/panda666-888/vuls/blob/main/wavlink/nu516u1/DMZ.md#poc https://vuldb.com/?ctiid.325827 https://vuldb.com/?id.325827 https://vuldb.com/?submit.652769