CNNVD-202509-3936 Information
Sep 25, 2025
cve
CNNVD ID
CNNVD-202509-3936
Related CVE
- CNNVD Published: 2025-09-25
Description (Chinese)
Wavlink NU516U1是中国睿因(Wavlink)公司的一款无线打印服务器。 Wavlink NU516U1 M16U1_V240425版本存在命令注入漏洞,该漏洞源于对文件/cgi-bin/wireless.cgi中参数macAddr的错误操作,可能导致命令注入攻击。
Description (English)
Wavlink NU516U1 is a wireless printing server for Wavlink. The Wavlink NU516U1 M16U1 V240425 version contains a command-injecting loophole, which stems from an error in the MACAddr parameter in document/cgi-bin/wireless.cgi, which could lead to an order-injection attack.
Hazard Level
High
Vulnerability Type
命令注入
Affected Vendor
Web Wiz
Published
2025-09-25
Last Modified
2026-02-24
References
https://github.com/panda666-888/vuls/blob/main/wavlink/nu516u1/AddMac.md https://github.com/panda666-888/vuls/blob/main/wavlink/nu516u1/AddMac.md#poc https://vuldb.com/?ctiid.325826 https://vuldb.com/?id.325826 https://vuldb.com/?submit.652768
Share on: