CVE Catalog

CVE-2026-13538

MediumCVSS 6.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
1.31%

67th percentile — higher than 67% of all known CVEs

Summary

A command injection vulnerability was found in Wavlink WL-NU516U1-A firmware version M16U1_V240425. The issue is in the sub_401D68 function of the /cgi-bin/wireless.cgi file, where the SSID2G2, SSID5G2, AuthMethod2, and WPAPSK12 parameters are improperly handled. Remote exploitation is possible, and the exploit has been publicly disclosed.

Risk Assessment

The organization is at risk of remote takeover of the Wavlink device, which could lead to network compromise, data interception, or use of the device as an entry point for further attacks.

Recommendation

Immediately update the Wavlink WL-NU516U1-A firmware to the latest version released by the vendor, which fixes this vulnerability. Until the update is applied, restrict access to the device management interface to trusted IP addresses only.

Original NVD description (English source)

A vulnerability was determined in Wavlink WL-NU516U1-A M16U1_V240425. The affected element is the function sub_401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This manipulation of the argument SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS