CNNVD-202509-4063 Information

CNNVD ID

CNNVD-202509-4063

Related CVE

CVE-2025-55847

• CNNVD Published: 2025-09-26

Description (Chinese)

Wavlink M86X3A_V240730是中国睿因（Wavlink）公司的一款设备固件。 Wavlink M86X3A_V240730存在安全漏洞，该漏洞源于/cgi-bin/ExportAllSettings.cgi文件中Cookie参数未正确验证输入数据长度，可能导致执行任意代码或拒绝服务攻击。

Description (English)

Wavlink M86X3A V240730 is a solid piece of equipment for Wavlink. There is a security loophole in Wavlink M86X3A V240730, which stems from the fact that Cookie parameters in/cgi-bin/ExportAllSettings.cgi document do not correctly verify the length of the input data, which may lead to the execution of arbitrary codes or denial of service attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

睿因

Published

2025-09-26

Last Modified

2026-02-24

References

https://github.com/meigui637/iot_zone/blob/main/%E6%A0%88%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E.md