林淦

4 exploits Active since Aug 2025
CVE-2025-9149 WRITEUP MEDIUM WRITEUP
Wavlink WL-NU516U1 M16U1_V240425 - Command Injection
A vulnerability was determined in Wavlink WL-NU516U1 M16U1_V240425. This impacts the function sub_4032E4 of the file /cgi-bin/wireless.cgi. This manipulation of the argument Guest_ssid causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
CVSS 6.3
CVE-2025-9387 WRITEUP MEDIUM WRITEUP
DCN DCME-720 9.1.5.11 - Code Injection
A vulnerability was found in DCN DCME-720 9.1.5.11. This affects an unknown function of the file /usr/local/www/function/audit/newstatistics/ip_block.php of the component Web Management Backend. Performing manipulation of the argument ip results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. Other products might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 6.3
CVE-2025-9149 WRITEUP MEDIUM WRITEUP
Wavlink WL-NU516U1 M16U1_V240425 - Command Injection
A vulnerability was determined in Wavlink WL-NU516U1 M16U1_V240425. This impacts the function sub_4032E4 of the file /cgi-bin/wireless.cgi. This manipulation of the argument Guest_ssid causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
CVSS 6.3
CVE-2025-9387 WRITEUP MEDIUM WRITEUP
DCN DCME-720 9.1.5.11 - Code Injection
A vulnerability was found in DCN DCME-720 9.1.5.11. This affects an unknown function of the file /usr/local/www/function/audit/newstatistics/ip_block.php of the component Web Management Backend. Performing manipulation of the argument ip results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. Other products might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 6.3