Description
A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This vulnerability affects the function sub_401AD4 of the file /cgi-bin/adm.cgi. Executing a manipulation of the argument Hostname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 20260226 is able to resolve this issue. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Published: 2026-03-08
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Cross‑Site Scripting
Action: Immediate Patch
AI Analysis

Impact

The vulnerability resides in the function sub_401AD4 of /cgi-bin/adm.cgi on the Wavlink WL‑WN579X3‑C router. By manipulating the Hostname argument, an attacker can inject arbitrary script code that is subsequently rendered in the web browser of anyone who accesses the adm.cgi page. This is a traditional cross‑site scripting (XSS) flaw that can be triggered remotely without authentication, allowing an attacker to execute code in the victim’s browser, potentially logging credentials, defacing the web interface, or redirecting users to malicious sites.

Affected Systems

The affected product is the Wavlink WL‑WN579X3‑C consumer router running firmware version 231124. The vendor has released a patch in firmware 20260226 that addresses the flaw; upgrading to that firmware version removes the vulnerability.

Risk and Exploitability

The CVSS score of 4.8 indicates a moderate severity, and an EPSS score of less than 1% suggests a low probability that an exploit is actively used in the wild. The flaw was publicly disclosed and can be exploited remotely from the internet, but since it relies on a browser‑based payload it requires an end‑user or administrator to open the malicious link. The vulnerability is not listed in the CISA KEV catalog, further indicating its exploitation risk is currently modest. Nevertheless, the remote nature of the attack vector and the broad impact of XSS justify prompt action.

Generated by OpenCVE AI on April 16, 2026 at 04:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the router firmware to version 20260226 to remove the sub_401AD4 XSS flaw.
  • Restrict access to the adm.cgi administrative interface by using firewall rules or limiting the IP ranges that can reach the interface.
  • Sanitize and validate the Hostname input parameter to prevent script injection if upgrading is not immediately possible.



Advisories

No advisories yet.

History

Wed, 11 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 10 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Wavlink wl-wn579x3-c Firmware
CPEs cpe:2.3:h:wavlink:wl-wn579x3-c:-:*:*:*:*:*:*:*
cpe:2.3:o:wavlink:wl-wn579x3-c_firmware:231124:*:*:*:*:*:*:*
Vendors & Products Wavlink wl-wn579x3-c Firmware

Mon, 09 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Wavlink
Wavlink wl-wn579x3-c
Vendors & Products Wavlink
Wavlink wl-wn579x3-c

Sun, 08 Mar 2026 07:30:00 +0000

Type Values Removed Values Added
Description A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This vulnerability affects the function sub_401AD4 of the file /cgi-bin/adm.cgi. Executing a manipulation of the argument Hostname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 20260226 is able to resolve this issue. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Title Wavlink WL-WN579X3-C adm.cgi sub_401AD4 cross site scripting
Weaknesses CWE-79
CWE-94
References
Metrics cvssV2_0

{'score': 3.3, 'vector': 'AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:OF/RC:C'}

cvssV3_0

{'score': 2.4, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C'}

cvssV3_1

{'score': 2.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C'}

cvssV4_0

{'score': 4.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-11T13:50:31.490Z

Reserved: 2026-03-07T11:03:33.300Z

Link: CVE-2026-3716

Vulnrichment

Updated: 2026-03-11T13:50:22.640Z

NVD

Status : Analyzed

Published: 2026-03-08T08:15:59.470

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-3716

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T04:30:13Z

Weaknesses