CVE-2025-10964:Command injection vulnerability in Wavlink NU516U1 firewall.cgi allows remote attackers to execute arbitrary commands.

splash
Back

Description Preview

A command injection vulnerability has been discovered in the Wavlink NU516U1 device. The vulnerability exists in the sub_401B30 function of the /cgi-bin/firewall.cgi file. By manipulating the remoteManagementEnabled argument, an attacker can inject and execute arbitrary commands. This vulnerability can be exploited remotely and requires low privileges. The impact of successful exploitation includes low-level compromise of confidentiality, integrity, and availability. A proof-of-concept exploit has been made publicly available, increasing the risk of active exploitation.

Overview

The vulnerability in Wavlink NU516U1 is classified as a command injection flaw, identified by CVE-2025-10964. It affects the firewall configuration interface and can be exploited remotely with low attack complexity. The CVSS v3.1 base score is 6.3, indicating medium severity. The attack vector is network-based, requires no user interaction, and can be initiated with low privileges. This vulnerability allows an attacker to execute arbitrary commands on the affected system, potentially leading to unauthorized access, data manipulation, or service disruption. The public availability of an exploit increases the likelihood of attacks against unpatched systems.

Remediation

As of the vulnerability disclosure, no official patch or mitigation strategy has been provided by the vendor. The lack of vendor response to the initial disclosure suggests that a fix may not be immediately forthcoming. In the absence of an official patch, network administrators should implement the following temporary measures:

  1. Restrict access to the device's management interface to trusted IP addresses only.
  2. Implement strong network segmentation to isolate affected devices.
  3. Monitor logs for suspicious activities related to the firewall.cgi file.
  4. Consider disabling remote management features if not strictly necessary.
  5. Regularly check for and apply any firmware updates that may address this vulnerability.
  6. Consider replacing the affected device with a more secure alternative if possible.

It is crucial to maintain vigilance and monitor for any vendor communications regarding a permanent fix for this vulnerability.

References

[1] GitHub - Vulnerability details and PoC. Available at: https://github.com/panda666-888/vuls/blob/main/wavlink/nu516u1/websSysFirewall.md

[2] GitHub - Proof of Concept. Available at: https://github.com/panda666-888/vuls/blob/main/wavlink/nu516u1/websSysFirewall.md#poc

[3] VulDB - Vulnerability Report (CTIID 325832). Available at: https://vuldb.com/?ctiid.325832

[4] VulDB - Vulnerability Details (ID 325832). Available at: https://vuldb.com/?id.325832

[5] VulDB - Submission Information. Available at: https://vuldb.com/?submit.652785

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Accommodation & Food Services: Low
    Accommodation & Food Services
  2. Administrative, Support, Waste Management & Remediation Services: Low
    Administrative, Support, Waste Management & Remediation Services
  3. Agriculture, Forestry Fishing & Hunting: Low
    Agriculture, Forestry Fishing & Hunting
  4. Arts, Entertainment & Recreation: Low
    Arts, Entertainment & Recreation
  5. Construction: Low
    Construction
  6. Educational Services: Low
    Educational Services
  7. Finance and Insurance: Low
    Finance and Insurance
  8. Health Care & Social Assistance: Low
    Health Care & Social Assistance
  9. Information: Low
    Information
  10. Management of Companies & Enterprises: Low
    Management of Companies & Enterprises
  11. Manufacturing: Low
    Manufacturing
  12. Mining: Low
    Mining
  13. Other Services (except Public Administration): Low
    Other Services (except Public Administration)
  14. Professional, Scientific, & Technical Services: Low
    Professional, Scientific, & Technical Services
  15. Public Administration: Low
    Public Administration
  16. Real Estate Rental & Leasing: Low
    Real Estate Rental & Leasing
  17. Retail Trade: Low
    Retail Trade
  18. Transportation & Warehousing: Low
    Transportation & Warehousing
  19. Utilities: Low
    Utilities
  20. Wholesale Trade: Low
    Wholesale Trade

Focus on What Matters

  1. See Everything.
  2. Identify True Risk.
  3. Proactively Mitigate Threats.

Let's talk!

background