CVE-2026-4163 - Vulnerability Details

- Wavlink WL-WN579A3 POST Request wireless.cgi GuestWifi command injection

Description

A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading the affected component is recommended.

Published: 2026-03-14

Score: 9.3 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability exists in the SetName/GuestWifi function within /cgi-bin/wireless.cgi of the Wavlink WL-WN579A3 firmware. An attacker can craft specially formed POST requests that are not properly sanitized, resulting in OS command injection (CWE-74 and CWE-77). Successful exploitation allows execution of arbitrary shell commands on the device, leading to full compromise of confidentiality, integrity, and availability of the wireless router and any networks it supports.

Affected Systems

Affected product: Wavlink WL-WN579A3 firmware version 220323 (or any firmware incorporating the original SetName/GuestWifi implementation). Users of this model are directly impacted by the command injection flaw exposed through the POST Request Handler in wireless.cgi.

Risk and Exploitability

The flaw carries a CVSS score of 9.3, indicating critical severity, and an EPSS score of less than 1%, suggesting that while exploitation is technically possible, it may not be widespread yet. The vulnerability is not listed in CISA’s KEV catalog, but the public exploit code available in GitHub repositories indicates active interest. Attackers can remotely trigger the flaw by sending a crafted POST request over the network, bypassing authentication or other controls that may exist. Remediation through firmware upgrade eliminates the attack surface.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Wavlink

WL-WN579A3

affected

Version	Status	Constraints
`220323`	affected	—

No data.

Vendor Product Confidence Versions

Wavlink

Wl-wn579a3

100%

Version	Status	Scheme	Platform
`220323`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the official firmware upgrade that removes the vulnerable wireless.cgi implementation.

Generated by OpenCVE AI on March 17, 2026 at 16:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00227.

Exploitation poc

Automatable yes

Technical Impact total

References

Link	Providers
https://dl.wavlink.com/firmware/RD/WINSTAR_WN579A3-A-2026-03-10-94f93d4-WO-mt7628-squashfs-sysupgrade.bin
https://github.com/Litengzheng/vul_db/blob/main/WL-WN579A3/vul_10/README.md
https://github.com/Litengzheng/vul_db/blob/main/WL-WN579A3/vul_9/README.md
https://vuldb.com/?ctiid.351070
https://vuldb.com/?id.351070
https://vuldb.com/?submit.765327
https://vuldb.com/?submit.765328

History

Tue, 17 Mar 2026 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 16 Mar 2026 10:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Wavlink wl-wn579a3
Vendors & Products		Wavlink wl-wn579a3

Sat, 14 Mar 2026 22:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading the affected component is recommended.
Title		Wavlink WL-WN579A3 POST Request wireless.cgi GuestWifi command injection
First Time appeared		Wavlink Wavlink wl-wn579a3 Firmware
Weaknesses		CWE-74 CWE-77
CPEs		cpe:2.3:o:wavlink:wl-wn579a3_firmware::::::::
Vendors & Products		Wavlink Wavlink wl-wn579a3 Firmware
References		https://dl.wavlink.com/firmware/RD/WINSTAR_WN579A3-A-2026-03-10-94f93d4-WO-mt7628-squashfs-sysupgrade.bin https://github.com/Litengzheng/vul_db/blob/main/WL-WN579A3/vul_10/README.md https://github.com/Litengzheng/vul_db/blob/main/WL-WN579A3/vul_9/README.md https://vuldb.com/?ctiid.351070 https://vuldb.com/?id.351070 https://vuldb.com/?submit.765327 https://vuldb.com/?submit.765328
Metrics		cvssV2_0 `{'score': 10, 'vector': 'AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C'}` cvssV3_0 `{'score': 9.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C'}` cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C'}` cvssV4_0 `{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Wavlink Wl-wn579a3 Wl-wn579a3 Firmware

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-03-14T22:32:10.502Z

Updated: 2026-03-17T14:11:25.056Z

Reserved: 2026-03-14T08:28:57.337Z

Link: CVE-2026-4163

Vulnrichment

Updated: 2026-03-17T14:11:20.346Z

NVD

Status : Awaiting Analysis

Published: 2026-03-16T14:19:55.143

Modified: 2026-03-16T14:53:07.390

Link: CVE-2026-4163

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-23T13:39:02Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation poc

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object