Primary

Context

WDR201A WiFi Extender OS Command Injection Vulnerability in wireless.cgi

Vulnerability

An OS command injection vulnerability has been identified in the WDR201A WiFi Extender, specifically in the wireless.cgi binary of firmware version LFMZX28040922V1.02. This vulnerability allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the sz11gChannel or PIN POST parameters. The exploitation takes advantage of unsanitized parameter handling in the set_wifi_basic and set_wifi_do_wps functions, enabling remote code execution without authentication.

Impact

Successful exploitation of this vulnerability allows for arbitrary command execution on the device.

Reproduction

The vulnerability can be reproduced by sending a POST request to the wireless.cgi script with the 'page' parameter set to 'basic' or 'WPS', and injecting a command into the 'sz11gChannel' or 'PIN' parameters. The injected command will be executed on the device.

Added: May 4, 2026, 8:22 PM

Updated: May 4, 2026, 8:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

7.4

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

7.4

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WDR201A WiFi Extender OS Command Injection Vulnerability in wireless.cgi

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating