← back
CVE-2025-44868

CVE-2025-44868

CVSS 9.8 CRITICALEPSS 2.6%CWE-77
Vexday Risk Score
48Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 9.8EPSS 2.6%KEV nãoPoC públicaNuclei Metasploit Patch
Lifecycle
02 May 2025Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the ping_test function of the adm.cgi via the pingIp parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →