Wavlink WL-WN579A3 Command Injection Vulnerability in firewall.cgi Allowing Remote Code Execution
Vulnerability
A command injection vulnerability has been identified in the Wavlink WL-WN579A3 router, specifically in the firewall management CGI script. It allows attackers to execute arbitrary commands on the device by sending crafted input. The issue arises because attacker-controlled input reaches the 'system' function call in the CGI script, which then executes commands of the attacker's choosing.
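The root cause above, seen from the fix side, as an added example that is not Wavlink's code or part of the original advisory: a handler parses 'del_flag' into integers and passes them to execv() as separate arguments, so no request text is ever formatted into a 'system' command string. The comma-separated index format, the two limits and the helper name 'fw_rule_del' are assumptions.

```c
#include <stdio.h>

#define MAX_IDS 16    /* assumed cap on rules deleted per request */
#define MAX_RULE 255  /* assumed highest valid rule index */

/* Step 1: accept only comma-separated decimal indices (assumed format).
 * Returns the count stored in ids[], or -1 on anything else. */
int parse_rule_ids(const char *s, int *ids, int max)
{
    int count = 0;
    if (s == NULL)
        return -1;
    for (;;) {
        int v = 0, digits = 0;
        while (*s >= '0' && *s <= '9') {
            v = v * 10 + (*s++ - '0');
            if (++digits > 3 || v > MAX_RULE)
                return -1;          /* too long or out of range */
        }
        if (digits == 0 || count == max)
            return -1;              /* empty field or too many entries */
        ids[count++] = v;
        if (*s == '\0')
            return count;
        if (*s++ != ',')
            return -1;              /* any byte other than ',' is refused */
    }
}

/* Step 2: re-render each integer into its own argv slot for execv(), so no
 * shell runs. "fw_rule_del" is hypothetical; argv needs n + 2 slots. */
int build_argv(const int *ids, int n, char bufs[][8], char *argv[])
{
    static char prog[] = "fw_rule_del";
    argv[0] = prog;
    for (int i = 0; i < n; i++) {
        snprintf(bufs[i], sizeof bufs[i], "%d", ids[i]);
        argv[i + 1] = bufs[i];
    }
    argv[n + 1] = NULL;
    return n + 1;                   /* argc */
}

int main(void)
{
    int ids[MAX_IDS];               /* both inputs are constructed samples */
    printf("%d %d\n", parse_rule_ids("1,22", ids, MAX_IDS),
           parse_rule_ids("3;echo x", ids, MAX_IDS));
    return 0;
}
```

Because the argument strings are rebuilt from the parsed integers, a value that fails validation never reaches the command, and a value that passes contains nothing a shell could interpret.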
Impact
Exploitation of this vulnerability allows for arbitrary command execution on the affected device.
Reproduction
To reproduce this vulnerability, send a POST request to the '/cgi-bin/firewall.cgi' endpoint with the 'firewall' parameter set to 'singlePortForwardDelete' and the 'del_flag' parameter crafted to include the desired command injection payload. The request must include the 'HTTP_REFERER' and 'HTTP_COOKIE' headers to bypass initial checks. The injected command then runs on the device, confirming successful exploitation of the vulnerability.
