CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-2567

A vulnerability was detected in Wavlink WL-NU516U1 20251208. This vulnerability affects the function sub_401218 of the file /cgi-bin/nas.cgi. Performing a manipulation of the argument User1Passwd results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.3%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 8.3

References

https://github.com/Wlz1112/Wavlink-NU516U1-V251208-/blob/main/nas.cgi_User1Passwd.md
https://vuldb.com/?ctiid.346174
https://vuldb.com/?id.346174
https://vuldb.com/?submit.752016

Products affected by CVE-2026-2567

Wavlink » Wl-Nu516u1 » Version: N/A

cpe:2.3:h:wavlink:wl-nu516u1:-
Wavlink » Wl-Nu516u1 Firmware » Version: Any

cpe:2.3:o:wavlink:wl-nu516u1_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-2567

Products

Pricing

Contact Us