NVD HIGH: CVE-2026-8189 — A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Affected by this vul...

Saturday, May 9, 2026 at 05:16 PM UTC·Source: NIST NVD

Updated: Thursday, May 14, 2026 at 01:01 PM UTC

Executive Summary

A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlan_bssid/sel_Automode/sel_EncrypTyp results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclos

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-8189

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on May 9, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Colorado governor commutes prison sentence for election denier Tina Peters

Peters was sentenced to nine years for stealing voting data and has been publicly unrepentant. But Colorado Governor Jared Polis has been hinting at the decision for months. The post Colorado governor commutes prison sentence for election denier Tina Peters appeared first on CyberScoop .

1h agoCyberScoop

MEDIUMVulnerability

More than $10 million stolen from crypto platform THORChain

THORChain officials said the investigation into the incident is ongoing but explained that one of their six vaults was compromised, leading to a loss of about $10.7 million.

4h agoThe Record

CRITICALVulnerability

Funnel Builder WordPress plugin bug exploited to steal credit cards

A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. [...]

4h agoBleepingComputer