Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Wavlink — Vulnerabilities & Security Advisories 128

Browse all 128 CVE security advisories affecting Wavlink. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WAVLINK operates primarily as a manufacturer of consumer networking hardware, specializing in Wi-Fi routers, range extenders, and USB adapters for home and small office environments. Security audits have identified a significant volume of vulnerabilities within its firmware ecosystem, with 119 Common Vulnerabilities and Exposures currently recorded. These flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation issues, often stemming from inadequate input validation and weak authentication mechanisms in web management interfaces. While the company has not been the subject of a singular, widely publicized catastrophic breach comparable to major IoT botnets, the sheer number of disclosed CVEs indicates systemic weaknesses in its secure development lifecycle. Many of these vulnerabilities allow unauthenticated attackers to gain administrative control or execute arbitrary commands, posing substantial risks to user privacy and network integrity.

Top products by Wavlink: Wavlink AC3000 NU516U1 WL-NU516U1 WL-WN578W2 WL-WN579A3 WN530H4 WN535K2 WN531G3 WL-WN579X3-C WL-WN570HA1 WN579X3 QUANTUM D2G WL-WN530H4
CVE IDTitleCVSSSeverityPublished
CVE-2026-8230 Wavlink NU516U1 login.cgi sys_login1 os command injection — NU516U1CWE-78 6.3 Medium2026-05-10
CVE-2026-8229 Wavlink NU516U1 wireless.cgi WifiBasic os command injection — NU516U1CWE-78 6.3 Medium2026-05-10
CVE-2026-8228 Wavlink NU516U1 wireless.cgi advance os command injection — NU516U1CWE-78 6.3 Medium2026-05-10
CVE-2026-8227 Wavlink NU516U1 adm.cgi wzdapMesh os command injection — NU516U1CWE-78 6.3 Medium2026-05-10
CVE-2026-8192 Wavlink NU516U1 adm.cgi wzdap os command injection — NU516U1CWE-78 6.3 Medium2026-05-09
CVE-2026-8191 Wavlink NU516U1 adm.cgi wifi_region os command injection — NU516U1CWE-78 6.3 Medium2026-05-09
CVE-2026-8190 Wavlink NU516U1 adm.cgi wan os command injection — NU516U1CWE-78 6.3 Medium2026-05-09
CVE-2026-8189 Wavlink NU516U1 adm.cgi wzdrepeater os command injection — NU516U1CWE-78 6.3 Medium2026-05-09
CVE-2026-8188 Wavlink NU516U1 adm.cgi change_wifi_password os command injection — NU516U1CWE-78 6.3 Medium2026-05-09
CVE-2026-7692 Wavlink WL-WN570HA1 adm.cgi ping_ddns command injection — WL-WN570HA1CWE-77 6.3 Medium2026-05-03
CVE-2026-7691 Wavlink WL-WN570HA1 adm.cgi set_sys_cmd command injection — WL-WN570HA1CWE-77 6.3 Medium2026-05-03
CVE-2026-7690 Wavlink WL-WN570HA1 adm.cgi set_sys_adm command injection — WL-WN570HA1CWE-77 6.3 Medium2026-05-03
CVE-2026-6559 Wavlink WL-WN579A3 login.cgi sub_401F80 cross site scripting — WL-WN579A3CWE-79 4.3 Medium2026-04-19
CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection — WL-WN530H4CWE-78 7.2 High2026-04-17
CVE-2026-5004 Wavlink WL-WN579X3-C UPNP firewall.cgi sub_4019FC stack-based overflow — WL-WN579X3-CCWE-121 8.8 High2026-03-28
CVE-2026-4861 Wavlink WL-NU516U1 nas.cgi ftext stack-based overflow — WL-NU516U1CWE-121 8.8 High2026-03-26
CVE-2026-4544 Wavlink WL-WN578W2 POST Request login.cgi cross site scripting — WL-WN578W2CWE-79 2.4 Low2026-03-22
CVE-2026-4543 Wavlink WL-WN578W2 POST Request firewall.cgi command injection — WL-WN578W2CWE-77 6.3 Medium2026-03-22
CVE-2026-4166 Wavlink WL-NU516U1 login.cgi sub_404F68 cross site scripting — WL-NU516U1CWE-79 3.5 Low2026-03-15
CVE-2026-4164 Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection — WL-WN578W2CWE-77 9.8 Critical2026-03-15
CVE-2026-4163 Wavlink WL-WN579A3 POST Request wireless.cgi GuestWifi command injection — WL-WN579A3CWE-77 9.8 Critical2026-03-14
CVE-2026-3716 Wavlink WL-WN579X3-C adm.cgi sub_401AD4 cross site scripting — WL-WN579X3-CCWE-79 2.4 Low2026-03-08
CVE-2026-3715 Wavlink WL-WN579X3-C firewall.cgi sub_40139C stack-based overflow — WL-WN579X3-CCWE-121 8.8 High2026-03-08
CVE-2026-3703 Wavlink NU516U1 login.cgi sub_401A10 out-of-bounds write — NU516U1CWE-787 9.8 Critical2026-03-08
CVE-2026-3704 Wavlink NU516U1 Incomplete Fix CVE-2025-10959 firewall.cgi sub_405B2C command injection — NU516U1CWE-77 4.7 Medium2026-03-08
CVE-2026-3662 Wavlink WL-NU516U1 adm.cgi usb_p910 command injection — WL-NU516U1CWE-77 4.7 Medium2026-03-07
CVE-2026-3661 Wavlink WL-NU516U1 adm.cgi ota_new_upgrade command injection — WL-NU516U1CWE-77 4.7 Medium2026-03-07
CVE-2026-3613 Wavlink WL-NU516U1 login.cgi sub_401A0C stack-based overflow — WL-NU516U1CWE-121 7.2 High2026-03-06
CVE-2026-3612 Wavlink WL-NU516U1 OTA Online Upgrade adm.cgi sub_405AF4 command injection — WL-NU516U1CWE-77 7.2 High2026-03-06
CVE-2026-2615 Wavlink WL-NU516U1 firewall.cgi singlePortForwardDelete command injection — WL-NU516U1CWE-77 7.2 High2026-02-17

This page lists every published CVE security advisory associated with Wavlink. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.