NVD HIGH: CVE-2026-5004 — A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the ...

Saturday, March 28, 2026 at 06:15 PM UTC·Source: NIST NVD

Updated: Friday, April 3, 2026 at 09:52 PM UTC

Executive Summary

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub_4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early abo

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-5004

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on Mar 28, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Inconsistent Privacy Labels Don't Tell Users What They Are Getting

Data privacy labels are a great idea for mobile apps, but the current versions just aren't good enough.

3h agoDark Reading

MEDIUMVulnerability

LinkedIn secretely scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed extensions and collect device data. [...]

4h agoBleepingComputer

MEDIUMVulnerability

FCC proposes $4.5 million fine for voice service provider hosting ‘suspicious’ foreign call traffic

Voxbeam’s actions allegedly led to “financial impersonation robocalls” that were made to American consumers “ using “non-compliant and long dormant accounts,” the FCC said.

4h agoThe Record