Vulnerability Description
A flaw has been found in Wavlink WL-NU516U1 up to 20251208. The affected element is the function singlePortForwardDelete of the file /cgi-bin/firewall.cgi. Executing a manipulation of the argument del_flag can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wavlink | Wl-Nu516U1 Firmware | <= 2025-12-08 |
| Wavlink | Wl-Nu516U1 | - |
Related Weaknesses (CWE)
References
- https://github.com/Wlz1112/Wavlink-NU516U1-V251208-/blob/main/singlePortForwardDExploitThird Party Advisory
- https://github.com/Wlz1112/Wavlink-NU516U1-V251208-/blob/main/singlePortForwardDExploit
- https://vuldb.com/?ctiid.346265Permissions RequiredVDB Entry
- https://vuldb.com/?id.346265Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.751047Third Party AdvisoryVDB Entry
FAQ
What is CVE-2026-2615?
CVE-2026-2615 is a vulnerability with a CVSS score of 7.2 (HIGH). A flaw has been found in Wavlink WL-NU516U1 up to 20251208. The affected element is the function singlePortForwardDelete of the file /cgi-bin/firewall.cgi. Executing a manipulation of the argument del...
How severe is CVE-2026-2615?
CVE-2026-2615 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-2615?
Check the references section above for vendor advisories and patch information. Affected products include: Wavlink Wl-Nu516U1 Firmware, Wavlink Wl-Nu516U1.