Armis Logo< Back

CVE-2025-10961:

Command injection vulnerability in Wavlink NU516U1 M16U1_V240425 allows adjacent network attackers to execute arbitrary commands via the delete_list parameter in the Delete_Mac_list page.


Score
Info
A numerical rating that indicates how dangerous this vulnerability is.

8.0High
  • Published Date:Sep 25, 2025
  • CISA KEV Date:*No Data*
  • Industries Affected:20

Threat Predictions

  • EPSS Score:0.7
  • EPSS Percentile:72%

Exploitability

  • Score:2.1
  • Attack Vector:ADJACENT_NETWORK
  • Attack Complexity:LOW
  • Privileges Required:LOW
  • User Interaction:NONE
  • Scope:UNCHANGED

Impact

  • Score:5.9
  • Confidentiality Impact:HIGH
  • Integrity Impact:HIGH
  • Availability Impact:HIGH

Description Preview

Command injection vulnerability in Wavlink NU516U1 M16U1_V240425 allows adjacent network attackers to execute arbitrary commands via the delete_list parameter in the Delete_Mac_list page.

Overview

The vulnerability in the Wavlink NU516U1 M16U1_V240425 device is classified as a command injection flaw, associated with CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component) and CWE-77 (Improper Neutralization of Special Elements used in a Command). The CVSS v3.1 base score is 5.5 (Medium severity), indicating a moderate level of risk. The attack vector is adjacent network, requiring low attack complexity and low privileges, with no user interaction needed. The vulnerability affects the confidentiality, integrity, and availability of the system, each to a low degree. The attack does not change the scope of impact beyond the vulnerable component.

Remediation

  • As the vendor has not responded to the vulnerability disclosure, there are currently no official patches or updates available to address this issue. In the absence of a vendor-provided fix, users of the Wavlink NU516U1 M16U1_V240425 device should take the following precautions:
  • 1. Limit network access to the device, especially from untrusted networks.
  • 2. Implement strong network segmentation to isolate the vulnerable device.
  • 3. Monitor the device for any suspicious activities or unauthorized access attempts.
  • 4. Consider replacing the device with a more secure alternative if possible.
  • 5. Regularly check for any updates or announcements from Wavlink regarding this vulnerability.
  • It is crucial to implement these measures to mitigate the risk while awaiting an official fix from the vendor.

References

Industries Affected

Below is a list of industries most commonly impacted or potentially at risk based on intelligence.

Low
Mining icon
Mining
Utilities icon
Utilities
Information icon
Information
Construction icon
Construction
Retail Trade icon
Retail Trade
Manufacturing icon
Manufacturing
Wholesale Trade icon
Wholesale Trade
Educational Services icon
Educational Services
Finance and Insurance icon
Finance and Insurance
Public Administration icon
Public Administration
Real Estate Rental and Leasing icon
Real Estate Rental and Leasing
Transportation and Warehousing icon
Transportation and Warehousing
Accommodation and Food Services icon
Accommodation and Food Services
Health Care and Social Assistance icon
Health Care and Social Assistance
Arts, Entertainment, and Recreation icon
Arts, Entertainment, and Recreation
Management of Companies and Enterprises icon
Management of Companies and Enterprises
Agriculture, Forestry, Fishing and Hunting icon
Agriculture, Forestry, Fishing and Hunting
Other Services (except Public Administration) icon
Other Services (except Public Administration)
Professional, Scientific, and Technical Services icon
Professional, Scientific, and Technical Services
Administrative and Support and Waste Management and Remediation Services icon
Administrative and Support and Waste Management and Remediation Services

Focus on What Matters

See everything.Identify true risk.Proactively mitigate threats.Book a Demo

Let's talk!