CVE-2026-2529 – Wavlink WL-WN579A3 wireless.cgi DeleteMac command injection

CVE ID : CVE-2026-2529

Published : Feb. 16, 2026, 2:16 a.m. | 18 minutes ago

Description : A security flaw has been discovered in Wavlink WL-WN579A3 up to 20210219. Affected by this issue is the function DeleteMac of the file /cgi-bin/wireless.cgi. The manipulation of the argument delete_list results in command injection. The attack can be executed remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…