VYPR

Wl Nu516u1 Firmware

by Wavlink

CVEs (26)

  • CVE-2026-4861HigMar 26, 2026
    risk 0.57cvss 8.8epss 0.01

    A weakness has been identified in Wavlink WL-NU516U1 260227. This vulnerability affects the function ftext of the file /cgi-bin/nas.cgi. This manipulation of the argument Content-Length causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has…

  • CVE-2026-8230MedMay 10, 2026
    risk 0.41cvss 6.3epss 0.05

    A flaw has been found in Wavlink NU516U1 240425. The impacted element is the function sys_login1 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ipaddr can lead to os command injection. The attack can be executed remotely. The exploit has been published…

  • CVE-2026-8229MedMay 10, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection. Remote exploitation of the attack is…

  • CVE-2026-8228MedMay 10, 2026
    risk 0.41cvss 6.3epss 0.05

    A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlan_conf/Channel/skiplist/ieee_80211h leads to os command injection. The attack may be launched remotely.…

  • CVE-2026-8227MedMay 10, 2026
    risk 0.41cvss 6.3epss 0.05

    A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be…

  • CVE-2026-8192MedMay 9, 2026
    risk 0.41cvss 6.3epss 0.05

    A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wl_Pass is directly passed by the attacker/so we can control the…

  • CVE-2026-8191MedMay 9, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability was identified in Wavlink NU516U1 M16U1_V240425. This affects the function wifi_region of the file /cgi-bin/adm.cgi. Such manipulation of the argument skiplist1/skiplist2 leads to os command injection. The attack can be launched remotely. The exploit is publicly…

  • CVE-2026-8190MedMay 9, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability was determined in Wavlink NU516U1 M16U1_V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument ppp_username/ppp_passwd/rwan_ip/rwan_mask/rwan_gateway is directly passed by the attacker/so we can control…

  • CVE-2026-8189MedMay 9, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlan_bssid/sel_Automode/sel_EncrypTyp results in os command injection. It is possible to launch…

  • CVE-2026-8188MedMay 9, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. Affected is the function change_wifi_password of the file /cgi-bin/adm.cgi. The manipulation of the argument wl_channel/wl_Pass/EncrypType leads to os command injection. It is possible to initiate the attack…

  • CVE-2025-10964MedSep 25, 2025
    risk 0.41cvss 6.3epss 0.07

    A weakness has been identified in Wavlink NU516U1. Affected by this vulnerability is the function sub_401B30 of the file /cgi-bin/firewall.cgi. This manipulation of the argument remoteManagementEnabled causes command injection. The attack can be initiated remotely. The exploit…

  • CVE-2025-10963MedSep 25, 2025
    risk 0.41cvss 6.3epss 0.07

    A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425. Affected is the function sub_4016F0 of the file /cgi-bin/firewall.cgi. The manipulation of the argument del_flag results in command injection. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2025-10962MedSep 25, 2025
    risk 0.41cvss 6.3epss 0.07

    A vulnerability was identified in Wavlink NU516U1 M16U1_V240425. This impacts the function sub_403198 of the file /cgi-bin/wireless.cgi of the component SetName Page. The manipulation of the argument mac_5g leads to command injection. It is possible to initiate the attack…

  • CVE-2025-10960MedSep 25, 2025
    risk 0.41cvss 6.3epss 0.07

    A vulnerability was found in Wavlink NU516U1 M16U1_V240425. The impacted element is the function sub_402D1C of the file /cgi-bin/wireless.cgi of the component DeleteMac Page. Performing manipulation of the argument delete_list results in command injection. The attack is possible…

  • CVE-2025-10959MedSep 25, 2025
    risk 0.41cvss 6.3epss 0.07

    A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. The affected element is the function sub_401778 of the file /cgi-bin/firewall.cgi. Such manipulation of the argument dmz_flag leads to command injection. The attack can be executed remotely. The exploit has been…

  • CVE-2025-10958MedSep 25, 2025
    risk 0.41cvss 6.3epss 0.07

    A flaw has been found in Wavlink NU516U1 M16U1_V240425. Impacted is the function sub_403010 of the file /cgi-bin/wireless.cgi of the component AddMac Page. This manipulation of the argument macAddr causes command injection. Remote exploitation of the attack is possible. The…

  • CVE-2025-9149MedAug 19, 2025
    risk 0.41cvss 6.3epss 0.06

    A vulnerability was determined in Wavlink WL-NU516U1 M16U1_V240425. This impacts the function sub_4032E4 of the file /cgi-bin/wireless.cgi. This manipulation of the argument Guest_ssid causes command injection. The attack is possible to be carried out remotely. The exploit has…

  • CVE-2026-3704MedMar 8, 2026
    risk 0.31cvss 4.7epss 0.04

    A vulnerability has been found in Wavlink NU516U1 251208. This vulnerability affects the function sub_405B2C of the file /cgi-bin/firewall.cgi of the component Incomplete Fix CVE-2025-10959. The manipulation leads to command injection. It is possible to initiate the attack…

  • CVE-2026-3662MedMar 7, 2026
    risk 0.31cvss 4.7epss 0.11

    A vulnerability has been found in Wavlink WL-NU516U1 240425. This vulnerability affects the function usb_p910 of the file /cgi-bin/adm.cgi. Such manipulation of the argument Pr_mode leads to command injection. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2026-3661MedMar 7, 2026
    risk 0.31cvss 4.7epss 0.11

    A flaw has been found in Wavlink WL-NU516U1 240425. This affects the function ota_new_upgrade of the file /cgi-bin/adm.cgi. This manipulation of the argument model causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be…

Page 1 of 2