CVE-2026-6559

· NIST NVD ↗

A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub_401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. Remote exploitation of the attack is possible. Upgrading the affected component is recommended. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

MEDIUM
CVSS severity
4.3
CVSS base score
2026-04-19
Published

CWE codes

CWE-79CWE-94

Sources