Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WAVLINK — Vulnerabilities & Security Advisories 128

Browse all 128 CVE security advisories affecting WAVLINK. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WAVLINK operates primarily as a manufacturer of consumer networking hardware, specializing in Wi-Fi routers, range extenders, and USB adapters for home and small office environments. Security audits have identified a significant volume of vulnerabilities within its firmware ecosystem, with 119 Common Vulnerabilities and Exposures currently recorded. These flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation issues, often stemming from inadequate input validation and weak authentication mechanisms in web management interfaces. While the company has not been the subject of a singular, widely publicized catastrophic breach comparable to major IoT botnets, the sheer number of disclosed CVEs indicates systemic weaknesses in its secure development lifecycle. Many of these vulnerabilities allow unauthenticated attackers to gain administrative control or execute arbitrary commands, posing substantial risks to user privacy and network integrity.

Top products by WAVLINK: Wavlink AC3000 NU516U1 WL-NU516U1 WL-WN578W2 WL-WN579A3 WN530H4 WN535K2 WN531G3 WL-WN579X3-C WL-WN570HA1 WN579X3 QUANTUM D2G WL-WN530H4
CVE IDTitleCVSSSeverityPublished
CVE-2026-2567 Wavlink WL-NU516U1 nas.cgi sub_401218 stack-based overflow — WL-NU516U1CWE-121 7.2 High2026-02-16
CVE-2026-2566 Wavlink WL-NU516U1 adm.cgi sub_406194 stack-based overflow — WL-NU516U1CWE-121 7.2 High2026-02-16
CVE-2026-2565 Wavlink WL-NU516U1 adm.cgi sub_40785C stack-based overflow — WL-NU516U1CWE-121 6.6 Medium2026-02-16
CVE-2026-2530 Wavlink WL-WN579A3 wireless.cgi AddMac command injection — WL-WN579A3CWE-77 6.3 Medium2026-02-16
CVE-2026-2529 Wavlink WL-WN579A3 wireless.cgi DeleteMac command injection — WL-WN579A3CWE-77 6.3 Medium2026-02-16
CVE-2026-2528 Wavlink WL-WN579A3 wireless.cgi Delete_Mac_list command injection — WL-WN579A3CWE-77 6.3 Medium2026-02-16
CVE-2026-2527 Wavlink WL-WN579A3 login.cgi command injection — WL-WN579A3CWE-77 6.3 Medium2026-02-16
CVE-2026-2526 Wavlink WL-WN579A3 wireless.cgi multi_ssid command injection — WL-WN579A3CWE-77 6.3 Medium2026-02-16
CVE-2025-10964 Wavlink NU516U1 firewall.cgi sub_401B30 command injection — NU516U1CWE-77 6.3 Medium2025-09-25
CVE-2025-10963 Wavlink NU516U1 firewall.cgi sub_4016F0 command injection — NU516U1CWE-77 6.3 Medium2025-09-25
CVE-2025-10962 Wavlink NU516U1 SetName wireless.cgi sub_403198 command injection — NU516U1CWE-77 6.3 Medium2025-09-25
CVE-2025-10961 Wavlink NU516U1 Delete_Mac_list wireless.cgi sub_4030C0 command injection — NU516U1CWE-77 5.5 Medium2025-09-25
CVE-2025-10960 Wavlink NU516U1 DeleteMac wireless.cgi sub_402D1C command injection — NU516U1CWE-77 6.3 Medium2025-09-25
CVE-2025-10959 Wavlink NU516U1 firewall.cgi sub_401778 command injection — NU516U1CWE-77 6.3 Medium2025-09-25
CVE-2025-10958 Wavlink NU516U1 AddMac wireless.cgi sub_403010 command injection — NU516U1CWE-77 6.3 Medium2025-09-25
CVE-2025-10775 Wavlink WL-NU516U1 login.cgi sub_4012A0 os command injection — WL-NU516U1CWE-78 4.7 Medium2025-09-22
CVE-2025-10359 Wavlink WL-WN578W2 wireless.cgi sub_404DBC os command injection — WL-WN578W2CWE-78 7.3 High2025-09-13
CVE-2025-10358 Wavlink WL-WN578W2 wireless.cgi sub_404850 os command injection — WL-WN578W2CWE-78 7.3 High2025-09-13
CVE-2025-10325 Wavlink WL-WN578W2 login.cgi sub_401BA4 command injection — WL-WN578W2CWE-77 6.3 Medium2025-09-12
CVE-2025-10324 Wavlink WL-WN578W2 firewall.cgi sub_401C5C command injection — WL-WN578W2CWE-77 7.3 High2025-09-12
CVE-2025-10323 Wavlink WL-WN578W2 wizard_rep.shtml sub_409184 command injection — WL-WN578W2CWE-77 7.3 High2025-09-12
CVE-2025-10322 Wavlink WL-WN578W2 sysinit.html password recovery — WL-WN578W2CWE-640 5.3 Medium2025-09-12
CVE-2025-10321 Wavlink WL-WN578W2 live_online.shtml information disclosure — WL-WN578W2CWE-200 5.3 Medium2025-09-12
CVE-2025-9149 Wavlink WL-NU516U1 wireless.cgi sub_4032E4 command injection — WL-NU516U1CWE-77 6.3 Medium2025-08-19
CVE-2025-5408 WAVLINK WL-WN576K1 HTTP POST Request login.cgi sys_login buffer overflow — QUANTUM D2GCWE-120 9.8 Critical2025-06-01
CVE-2024-34166 WAVLINK AC3000 命令注入漏洞 — Wavlink AC3000CWE-77 10.0 Critical2025-01-14
CVE-2024-39761 WAVLINK AC3000 命令注入漏洞 — Wavlink AC3000CWE-77 10.0 Critical2025-01-14
CVE-2024-39363 WAVLINK AC3000 安全漏洞 — Wavlink AC3000CWE-80 9.6 Critical2025-01-14
CVE-2024-39760 WAVLINK AC3000 命令注入漏洞 — Wavlink AC3000CWE-77 10.0 Critical2025-01-14
CVE-2024-36290 WAVLINK AC3000 安全漏洞 — Wavlink AC3000CWE-120 10.0 Critical2025-01-14

This page lists every published CVE security advisory associated with WAVLINK. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.