{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4164", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-14T12:21:53.308Z", "datePublished": "2026-03-15T03:02:10.413Z", "dateUpdated": "2026-03-17T13:42:57.181Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-15T03:02:10.413Z"}, "title": "Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}], "affected": [{"vendor": "Wavlink", "product": "WL-WN578W2", "versions": [{"version": "221110", "status": "affected"}], "cpes": ["cpe:2.3:o:wavlink:wl-wn578w2_firmware:*:*:*:*:*:*:*:*"], "modules": ["POST Request Handler"]}], "descriptions": [{"lang": "en", "value": "A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function Delete_Mac_list/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit has been published and may be used. It is recommended to upgrade the affected component."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 9.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "baseSeverity": "CRITICAL"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "baseSeverity": "CRITICAL"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "baseSeverity": "CRITICAL"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 10, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2026-03-14T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-14T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-14T13:26:57.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "LtzHust (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.351071", "name": "VDB-351071 | Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.351071", "name": "VDB-351071 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.768292", "name": "Submit #768292 | Wavlink WL-WN578W2 V221110 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.768293", "name": "Submit #768293 | Wavlink WL-WN578W2 V221110 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.768294", "name": "Submit #768294 | Wavlink WL-WN578W2 V221110 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Litengzheng/vul_db/blob/main/WL-WN578W2/vul_1/README.md", "tags": ["related"]}, {"url": "https://github.com/Litengzheng/vul_db/blob/main/WL-WN578W2/vul_2/README.md", "tags": ["exploit"]}, {"url": "https://dl.wavlink.com/firmware/RD/WINSTAR_WN578W2-A-2026-03-10-94f93d4-WO-mt7628-squashfs-sysupgrade.bin", "tags": ["patch"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-17T13:42:31.012214Z", "id": "CVE-2026-4164", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-17T13:42:57.181Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4164", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-17T13:42:31.012214Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-17T13:42:53.112Z"}}], "cna": {"title": "Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection", "credits": [{"lang": "en", "type": "reporter", "value": "LtzHust (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 10, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C"}}], "affected": [{"cpes": ["cpe:2.3:o:wavlink:wl-wn578w2_firmware:*:*:*:*:*:*:*:*"], "vendor": "Wavlink", "modules": ["POST Request Handler"], "product": "WL-WN578W2", "versions": [{"status": "affected", "version": "221110"}]}], "timeline": [{"lang": "en", "time": "2026-03-14T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-14T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-14T13:26:57.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.351071", "name": "VDB-351071 | Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.351071", "name": "VDB-351071 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.768292", "name": "Submit #768292 | Wavlink WL-WN578W2 V221110 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.768293", "name": "Submit #768293 | Wavlink WL-WN578W2 V221110 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.768294", "name": "Submit #768294 | Wavlink WL-WN578W2 V221110 Command Injection (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Litengzheng/vul_db/blob/main/WL-WN578W2/vul_1/README.md", "tags": ["related"]}, {"url": "https://github.com/Litengzheng/vul_db/blob/main/WL-WN578W2/vul_2/README.md", "tags": ["exploit"]}, {"url": "https://dl.wavlink.com/firmware/RD/WINSTAR_WN578W2-A-2026-03-10-94f93d4-WO-mt7628-squashfs-sysupgrade.bin", "tags": ["patch"]}], "descriptions": [{"lang": "en", "value": "A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function Delete_Mac_list/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit has been published and may be used. It is recommended to upgrade the affected component."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "Command Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-15T03:02:10.413Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4164", "state": "PUBLISHED", "dateUpdated": "2026-03-17T13:42:57.181Z", "dateReserved": "2026-03-14T12:21:53.308Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-15T03:02:10.413Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function Delete_Mac_list/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit has been published and may be used. It is recommended to upgrade the affected component."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad en Wavlink WL-WN578W2 221110. Se ve afectada la funci\u00f3n Delete_Mac_list/SetName/GuestWifi del archivo /cgi-bin/wireless.cgi del componente Gestor de Solicitudes POST. La ejecuci\u00f3n de una manipulaci\u00f3n puede conducir a una inyecci\u00f3n de comandos. Es posible lanzar el ataque remotamente. El exploit ha sido publicado y puede ser utilizado. Se recomienda actualizar el componente afectado."}], "id": "CVE-2026-4164", "lastModified": "2026-04-22T21:30:26.497", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.9, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-16T14:19:55.380", "references": [{"source": "cna@vuldb.com", "url": "https://dl.wavlink.com/firmware/RD/WINSTAR_WN578W2-A-2026-03-10-94f93d4-WO-mt7628-squashfs-sysupgrade.bin"}, {"source": "cna@vuldb.com", "url": "https://github.com/Litengzheng/vul_db/blob/main/WL-WN578W2/vul_1/README.md"}, {"source": "cna@vuldb.com", "url": "https://github.com/Litengzheng/vul_db/blob/main/WL-WN578W2/vul_2/README.md"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.351071"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.351071"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.768292"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.768293"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.768294"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-77"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[221110,221110]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "WL-WN578W2", "source": "cna", "vendor": "Wavlink"}, "product": "wl-wn578w2", "vendor": "wavlink"}], "analysis": {"en": {"generated_at": "2026-03-17T17:51:10.097909+00:00", "value": {"mitigation_remediation": ["Update the router firmware to the latest version available from Wavlink", "Disable the GuestWifi feature if it is not required", "Restrict external access to the /cgi-bin/wireless.cgi endpoint using firewall rules or VPN", "Monitor device logs for suspicious POST requests to wireless.cgi"], "summary": {"action": "Update Firmware", "impact": "Command Injection"}, "threat_synthesis": {"affected_systems": "The issue affects Wavlink WL\u2011WN578W2 routers running the 221110 firmware build. Only devices that expose the /cgi-bin/wireless.cgi endpoint with the GuestWifi functionality are vulnerable, as described in the vendor\u2019s documentation.", "description_and_impact": "A flaw has been found in the Delete_Mac_list, SetName, and GuestWifi functions of /cgi-bin/wireless.cgi on the Wavlink WL\u2011WN578W2. The vulnerability allows an attacker to inject arbitrary shell commands via a crafted POST request. This results in remote command execution with the privileges of the web service process. The weakness corresponds to CWE\u201174 (Untrusted Input to a Command Processor) and CWE\u201177 (Improper Limitation of a Command).", "risk_and_exploitability": "The CVSS base score is 9.3, classifying the vulnerability as critical. EPSS is below 1\u202f%, indicating a low current exploitation probability, yet an exploit has been published and is available. The vulnerability is not listed in the CISA KEV catalog. The vendor confirms that the attack can be launched remotely via a POST request to /cgi-bin/wireless.cgi without prior authentication."}}}}, "created": "2026-03-16T09:22:11.167973+00:00", "updated": "2026-03-23T14:02:04.755958+00:00", "vendors": ["wavlink", "wavlink$PRODUCT$wl-wn578w2"]}