Vulnerability Description
A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unknown function of the file /cgi-bin/login.cgi of the component POST Request Handler. Executing a manipulation of the argument homepage/hostname/login_page can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wavlink | Wl-Wn578W2 Firmware | 221110 |
| Wavlink | Wl-Wn578W2 | - |
Related Weaknesses (CWE)
References
- https://github.com/Litengzheng/vul_db/blob/main/WL-WN578W2/vul_6/README.mdExploitThird Party Advisory
- https://github.com/Litengzheng/vul_db/blob/main/WL-WN578W2/vul_7/README.mdExploitThird Party Advisory
- https://vuldb.com/?ctiid.352361Permissions RequiredVDB Entry
- https://vuldb.com/?id.352361Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.774692Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.774693Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.774696Third Party AdvisoryVDB Entry
FAQ
What is CVE-2026-4544?
CVE-2026-4544 is a vulnerability with a CVSS score of 2.4 (LOW). A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unknown function of the file /cgi-bin/login.cgi of the component POST Request Handler. Executing a manipulation of the argu...
How severe is CVE-2026-4544?
CVE-2026-4544 has been rated LOW with a CVSS base score of 2.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-4544?
Check the references section above for vendor advisories and patch information. Affected products include: Wavlink Wl-Wn578W2 Firmware, Wavlink Wl-Wn578W2.