216.73.216.242

CVE-2026-3704

· Published 08/03/2026 04:15 · Modified 09/03/2026 13:35

Labels: CVE-2026-3704 2026-03-08CVE-2026-3704CWE-74[email protected]

Essential information

Published
08/03/2026 04:15
Modified
09/03/2026 13:35
Author
Creator
CVSS
5.1 MEDIUM (v3) 5.1 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability has been found in Wavlink NU516U1 251208. This vulnerability affects the function sub_405B2C of the file /cgi-bin/firewall.cgi of the component Incomplete Fix CVE-2025-10959. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
wavlink / nu516u1 cpe:2.3:a:wavlink:nu516u1:*:*:*:*:*:*:*:*

References