Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
Wavlink WL-WN579A3 Router Login Page Has a Security Flaw
CVE-2026-6559
Summary
A security flaw in the login page of the Wavlink WL-WN579A3 router can allow hackers to inject malicious code into the page. This could potentially let them take control of the router or steal sensitive information. The issue has been fixed in a new version of the router, so you should update your router as soon as possible to stay secure.
Original title
A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub_401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site script...
Original description
A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub_401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
nvd CVSS2.0
5.0
nvd CVSS3.1
4.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
CWE-94
Code Injection
Published: 19 Apr 2026 · Updated: 19 Apr 2026 · First seen: 19 Apr 2026