A security vulnerability has been identified in the Wavlink WL-WN578W2 wireless router. This issue arises from improper handling of input in the /cgi-bin/wireless.cgi component, particularly affecting the function sub_404DBC. An attacker could exploit this vulnerability by manipulative the macAddr argument to execute arbitrary operating system commands remotely. As the exploit is already public, users of the affected model should take immediate precautions to secure their devices, given the lack of response from the vendor regarding the disclosure.
https://securityvulnerability.io/vulner ... 2025-10359