プラットフォーム
other
コンポーネント
vul_db
修正版
240425.0.1
CVE-2026-4166 describes a cross-site scripting (XSS) vulnerability affecting the Wavlink WL-NU516U1 router, specifically version 240425. This flaw allows an attacker to inject malicious scripts into the router's web interface, potentially compromising user sessions and data. The vulnerability stems from improper handling of the 'homepage/hostname' argument within the /cgi-bin/login.cgi file. A fix is expected from the vendor.
Successful exploitation of CVE-2026-4166 allows an attacker to execute arbitrary JavaScript code within the context of a user's browser session on the Wavlink WL-NU516U1 router's web interface. This can lead to various malicious actions, including session hijacking, credential theft, and redirection to phishing sites. The attacker could potentially gain control over the router's configuration or use it as a launchpad for further attacks on the internal network. Given the router's role as a gateway, a compromised device could expose sensitive data traversing the network.
CVE-2026-4166 has been publicly disclosed and a proof-of-concept exploit is available, indicating a higher risk of exploitation. The vulnerability is not currently listed on CISA KEV, but its public availability warrants close monitoring. The LOW CVSS score reflects the relatively simple exploitation process and limited potential impact, but the router's network-facing role increases the overall risk.
Small businesses and home users relying on Wavlink WL-NU516U1 routers, particularly those with exposed router management interfaces or weak password policies, are at risk. Shared hosting environments utilizing this router as a gateway could also be impacted.
disclosure
エクスプロイト状況
EPSS
0.03% (10% パーセンタイル)
CISA SSVC
CVSS ベクトル
The primary mitigation for CVE-2026-4166 is to upgrade to a patched firmware version from Wavlink when available. Until a patch is released, implement temporary workarounds such as deploying a Web Application Firewall (WAF) to filter malicious requests targeting the /cgi-bin/login.cgi endpoint. Strict input validation on the 'homepage/hostname' parameter is also crucial, rejecting any input containing potentially malicious characters. Regularly review router logs for suspicious activity and consider restricting access to the router's web interface to trusted networks.
Wavlink WL-NU516U1 ルーターのファームウェアを 240425 以降のバージョンにアップデートし、XSS 脆弱性を修正してください。最新のファームウェアとアップデート手順については、製造元のウェブサイトを参照してください。
脆弱性分析と重要アラートをメールでお届けします。
CVE-2026-4166 is a cross-site scripting vulnerability in the Wavlink WL-NU516U1 router version 240425, allowing attackers to inject malicious scripts.
If you are using a Wavlink WL-NU516U1 router with firmware version 240425, you are potentially affected by this vulnerability.
Upgrade to a patched firmware version from Wavlink when available. Until then, use a WAF and strict input validation.
A public proof-of-concept exploit is available, suggesting a potential for active exploitation.
Refer to Wavlink's official website or security advisories for updates and information regarding CVE-2026-4166.