CVE-2026-7692: Command Injection in Wavlink WL-WN570HA1
CVE-2026-7692 is a command injection vulnerability in the Wavlink WL-WN570HA1 router, specifically in the ping_ddns function of the /cgi-bin/adm.cgi file. The vulnerability allows remote attackers to manipulate the DDNS argument to execute arbitrary commands. The affected firmware version R70HA1 V1410_221110 has been removed from the vendor's website and is no longer supported. No official patch or remediation is available. The vulnerability has a medium severity with a CVSS score of 5.3. Exploits are publicly known but not confirmed in the wild. This issue affects only unsupported devices.
AI Analysis
Technical Summary
The Wavlink WL-WN570HA1 router firmware version R70HA1 V1410_221110 contains a command injection vulnerability in the ping_ddns function within /cgi-bin/adm.cgi. By manipulating the DDNS argument, an attacker can remotely execute arbitrary commands on the device. The vendor has removed this firmware version from their website and no longer supports it. There is no official fix or patch available for this vulnerability. The CVSS 4.0 base score is 5.3, indicating medium severity. Public exploit code exists, but no active exploitation in the wild has been reported.
Potential Impact
Successful exploitation allows remote command execution on affected devices, potentially compromising device integrity and control. However, the impact is limited to devices running an unsupported firmware version that has been removed from official distribution. No evidence of active exploitation in the wild has been reported.
Mitigation Recommendations
No official patch or remediation is available since the affected firmware is no longer supported. The vendor has removed the vulnerable firmware version from their website. Users should upgrade to supported Wavlink devices or firmware versions not affected by this vulnerability. Replacement of affected devices is recommended to mitigate risk.
CVE-2026-7692: Command Injection in Wavlink WL-WN570HA1
Description
CVE-2026-7692 is a command injection vulnerability in the Wavlink WL-WN570HA1 router, specifically in the ping_ddns function of the /cgi-bin/adm.cgi file. The vulnerability allows remote attackers to manipulate the DDNS argument to execute arbitrary commands. The affected firmware version R70HA1 V1410_221110 has been removed from the vendor's website and is no longer supported. No official patch or remediation is available. The vulnerability has a medium severity with a CVSS score of 5.3. Exploits are publicly known but not confirmed in the wild. This issue affects only unsupported devices.
CVSS v4.0
Score 5.3medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Wavlink WL-WN570HA1 router firmware version R70HA1 V1410_221110 contains a command injection vulnerability in the ping_ddns function within /cgi-bin/adm.cgi. By manipulating the DDNS argument, an attacker can remotely execute arbitrary commands on the device. The vendor has removed this firmware version from their website and no longer supports it. There is no official fix or patch available for this vulnerability. The CVSS 4.0 base score is 5.3, indicating medium severity. Public exploit code exists, but no active exploitation in the wild has been reported.
Potential Impact
Successful exploitation allows remote command execution on affected devices, potentially compromising device integrity and control. However, the impact is limited to devices running an unsupported firmware version that has been removed from official distribution. No evidence of active exploitation in the wild has been reported.
Mitigation Recommendations
No official patch or remediation is available since the affected firmware is no longer supported. The vendor has removed the vulnerable firmware version from their website. Users should upgrade to supported Wavlink devices or firmware versions not affected by this vulnerability. Replacement of affected devices is recommended to mitigate risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-05-02T16:33:38.615Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69f72fd4cbff5d8610f05c43
Added to database: 5/3/2026, 11:21:56 AM
Last enriched: 5/11/2026, 2:23:24 AM
Last updated: 6/16/2026, 11:01:57 AM
Views: 114
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.