Home / Vulnerability Intelligence / CVE-2026-3715

CVE-2026-3715 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 9, 2026

Wavlink WL-WN579X3-C - Buffer Overflow

Published: March 8, 2026Updated: March 9, 2026Remote Exploitable

Overview

Wavlink WL-WN579X3-C 231124 contains a stack-based buffer overflow caused by manipulation of the "del_flag" argument in /cgi-bin/firewall.cgi, letting remote attackers cause memory corruption, exploit requires crafted request.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 4.3%(Probability of exploitation in next 30 days)

Impact

Remote attackers can cause memory corruption, potentially leading to remote code execution or system crash.

Mitigation

Upgrade to version 20260226.

References

Social Media Activity(1 post)

Offensive Sequence

@offseq

Mar 8, 2026

🛡️ CVE-2026-3715: HIGH-severity stack overflow in Wavlink WL-WN579X3-C routers (v231124). Remote attackers can execute code w/o auth. Exploit code is public — patch to 20260226 now! https://radar.offseq.com/threat/cve-2026-3715-stack-based-buffer-overflow-in-wavli-504a0f36 #OffSeq #Vulnerability #RouterSecurity #Infosec

View original post

Related Resources

Details

CVE ID: CVE-2026-3715
Severity: High
CVSS Score: 8.8
Type: buffer_overflow
Status: unconfirmed
EPSS: 4.3%
Social Posts: 1

CWE

CWE-119

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.3%Probability of exploitation in the next 30 days