Description
A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410_221110. Impacted is the function set_sys_cmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument command leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Once again the vendor acted very professionally and confirmed "that the WN570HA1 firmware version R70HA1 V1410_221110 has been removed from our website." This vulnerability only affects products that are no longer supported by the maintainer.
Published: 2026-05-03
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A command injection flaw exists in the set_sys_cmd function of the /cgi-bin/adm.cgi file on the Wavlink WL‑WN570HA1 router. The vulnerability allows an attacker to supply crafted arguments that are interpreted by the underlying operating system, enabling execution of arbitrary shell commands. This can compromise the confidentiality, integrity, and availability of the affected device and any network resources it connects to. The weakness is a combination of CWE‑74 (Improper Neutralization of Special Elements in Input) and CWE‑77 (Command Injection).

Affected Systems

The flaw affects the Wavlink WL‑WN570HA1 router with firmware version R70HA1 V1410_221110. This specific revision is no longer supported or available from the vendor and therefore no patch is presently provided.

Risk and Exploitability

The vulnerability carries a CVSS score of 5.3, indicating moderate severity. No EPSS score is available, and the issue is not listed in the CISA KEV catalog. The attack can be performed remotely, most likely by sending HTTP requests to the router’s administrative web interface. Because the device is out of support, attackers could exploit the flaw until the device is either replaced or isolated.

Generated by OpenCVE AI on May 3, 2026 at 11:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Replace the router with a model that is still supported and receives security updates.
  • If replacement is not possible, isolate the device on a separate, non‑trusted network segment and block external access to its management interface.
  • Disable or remove the web administration interface to prevent remote exploitation via /cgi-bin/adm.cgi.



Advisories

No advisories yet.

History

Sun, 03 May 2026 23:45:00 +0000

Type: First Time appeared
  Values Removed: (none)
  Values Added: Wavlink; Wavlink wl-wn570ha1

Type: Vendors & Products
  Values Removed: (none)
  Values Added: Wavlink; Wavlink wl-wn570ha1

Sun, 03 May 2026 10:45:00 +0000

Type: Description
  Values Removed: (none)
  Values Added: A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410_221110. Impacted is the function set_sys_cmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument command leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Once again the vendor acted very professionally and confirmed "that the WN570HA1 firmware version R70HA1 V1410_221110 has been removed from our website." This vulnerability only affects products that are no longer supported by the maintainer.

Type: Title
  Values Removed: (none)
  Values Added: Wavlink WL-WN570HA1 adm.cgi set_sys_cmd command injection

Type: Weaknesses
  Values Removed: (none)
  Values Added: CWE-74; CWE-77

Type: References

Type: Metrics
  Values Removed: (none)
  Values Added:
    cvssV2_0: {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
    cvssV3_0: {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
    cvssV3_1: {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
    cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-03T10:15:11.137Z

Reserved: 2026-05-02T16:33:35.460Z

Link: CVE-2026-7691

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-03T11:16:13.263

Modified: 2026-05-03T11:16:13.263

Link: CVE-2026-7691

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-03T21:32:37Z

Weaknesses