High severity8.8NVD Advisory· Published Mar 28, 2026· Updated Apr 3, 2026
CVE-2026-5004
CVE-2026-5004
Description
A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub_4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:o:wavlink:wl-wn579x3-c_firmware:231124:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:wavlink:wl-wn579x3-c_firmware:231124:*:*:*:*:*:*:*
- (no CPE)range: = 231124
Patches
Vulnerability mechanics
References
4- github.com/Litengzheng/vul_db/blob/main/WL-WN579X3-C/vul_200/README.mdnvdExploitThird Party Advisory
- vuldb.com/submit/779149nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/353891nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/353891/ctinvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.