{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6483", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-17T05:35:30.853Z", "datePublished": "2026-04-17T10:30:17.119Z", "dateUpdated": "2026-04-17T10:53:26.356Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-17T10:30:17.119Z"}, "title": "Wavlink WL-WN530H4 internet.cgi snprintf os command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "OS Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}], "affected": [{"vendor": "Wavlink", "product": "WL-WN530H4", "versions": [{"version": "20220721", "status": "affected"}, {"version": "2026.04.16", "status": "unaffected"}], "cpes": ["cpe:2.3:o:wavlink:wl-wn530h4_firmware:*:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 2026.04.16 is able to resolve this issue. Upgrading the affected component is recommended."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.6, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "baseSeverity": "HIGH"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 8.3, "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2026-04-17T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-17T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-17T07:40:59.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "ST4R (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/vuln/358021", "name": "VDB-358021 | Wavlink WL-WN530H4 internet.cgi snprintf os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/358021/cti", "name": "VDB-358021 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/783055", "name": "Submit #783055 | https://github.com/dxz0069/WAVLINK-WN530H4-Command-Injection-in- WN530H4 (AC1200 Dual-Band Wi-Fi Router) Firmware: WN530H4-WAVLINK_20220721 Improper Neutralization of Special Elements used in an OS Comman", "tags": ["third-party-advisory"]}, {"url": "https://github.com/dxz0069/WAVLINK-WN530H4-Command-Injection-in-set_add_routing/blob/main/vuldb_submission_report.md", "tags": ["exploit"]}, {"url": "https://dl.wavlink.com/firmware/RD/root_uImage_WN530H4-A_2026.04.16.bin", "tags": ["patch"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-17T10:53:08.442347Z", "id": "CVE-2026-6483", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-17T10:53:26.356Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-6483", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-17T10:53:08.442347Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-17T10:53:19.906Z"}}], "cna": {"title": "Wavlink WL-WN530H4 internet.cgi snprintf os command injection", "credits": [{"lang": "en", "type": "reporter", "value": "ST4R (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.6, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 8.3, "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:OF/RC:C"}}], "affected": [{"cpes": ["cpe:2.3:o:wavlink:wl-wn530h4_firmware:*:*:*:*:*:*:*:*"], "vendor": "Wavlink", "product": "WL-WN530H4", "versions": [{"status": "affected", "version": "20220721"}, {"status": "unaffected", "version": "2026.04.16"}]}], "timeline": [{"lang": "en", "time": "2026-04-17T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-17T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-17T07:40:59.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/358021", "name": "VDB-358021 | Wavlink WL-WN530H4 internet.cgi snprintf os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/358021/cti", "name": "VDB-358021 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/783055", "name": "Submit #783055 | https://github.com/dxz0069/WAVLINK-WN530H4-Command-Injection-in- WN530H4 (AC1200 Dual-Band Wi-Fi Router) Firmware: WN530H4-WAVLINK_20220721 Improper Neutralization of Special Elements used in an OS Comman", "tags": ["third-party-advisory"]}, {"url": "https://github.com/dxz0069/WAVLINK-WN530H4-Command-Injection-in-set_add_routing/blob/main/vuldb_submission_report.md", "tags": ["exploit"]}, {"url": "https://dl.wavlink.com/firmware/RD/root_uImage_WN530H4-A_2026.04.16.bin", "tags": ["patch"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 2026.04.16 is able to resolve this issue. Upgrading the affected component is recommended."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "OS Command Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "Command Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-17T10:30:17.119Z"}}}, "cveMetadata": {"cveId": "CVE-2026-6483", "state": "PUBLISHED", "dateUpdated": "2026-04-17T10:53:26.356Z", "dateReserved": "2026-04-17T05:35:30.853Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-17T10:30:17.119Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 2026.04.16 is able to resolve this issue. Upgrading the affected component is recommended."}], "id": "CVE-2026-6483", "lastModified": "2026-04-22T20:22:50.570", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "MULTIPLE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-17T11:16:11.160", "references": [{"source": "cna@vuldb.com", "url": "https://dl.wavlink.com/firmware/RD/root_uImage_WN530H4-A_2026.04.16.bin"}, {"source": "cna@vuldb.com", "url": "https://github.com/dxz0069/WAVLINK-WN530H4-Command-Injection-in-set_add_routing/blob/main/vuldb_submission_report.md"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/783055"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/358021"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/358021/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}, {"lang": "en", "value": "CWE-78"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "calver", "value": "20220721"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "calver", "value": "2026.04.16"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "WL-WN530H4", "source": "cna", "vendor": "Wavlink"}, "product": "wl-wn530h4", "vendor": "wavlink"}], "analysis": {"en": {"generated_at": "2026-04-17T11:24:23.258594+00:00", "value": {"mitigation_remediation": ["Upgrade the router firmware to version 2026.04.16.", "Disable or restrict remote management of /cgi-bin/internet.cgi to trusted internal networks only.", "Apply firewall or network segmentation rules to block external access to the router\u2019s web interface and limit exposure to the local network."], "summary": {"action": "Immediate Patch", "impact": "Remote OS Command Injection"}, "threat_synthesis": {"affected_systems": "Wavlink WL-WN530H4 routers running firmware version 20220721 are affected. All units with this firmware are vulnerable; the issue is fixed in the firmware update released on 2026.04.16.", "description_and_impact": "The flaw arises from improper use of strcat/snprintf in /cgi-bin/internet.cgi, allowing an attacker to inject arbitrary operating\u2011system commands into the device\u2019s firmware. The injected commands execute with the privileges of the router, enabling full control over the device and compromising its confidentiality, integrity, and availability. The vulnerability is identified by CWE\u201177 and CWE\u201178 for command injection and unsafe command execution.", "risk_and_exploitability": "With a CVSS score of 8.6, the vulnerability is considered high severity. Although EPSS data is not available, the public availability of an exploit suggests that exploitation is plausible. The feature can be triggered by remote network traffic to /cgi-bin/internet.cgi, so any router exposed to the internet faces a significant risk. The vulnerability is not listed in CISA KEV, but the high impact and remote attack vector warrant immediate action."}}}}, "created": "2026-04-17T11:30:16.785286+00:00", "title": "Wavlink WL-WN530H4 internet.cgi snprintf OS command injection", "updated": "2026-04-17T11:30:16.983746+00:00", "vendors": ["wavlink", "wavlink$PRODUCT$wl-wn530h4"]}