CVE-2026-41922
published 2026-05-04CVE-2026-41922: WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the wireless.cgi binary that allows unauthenticated…
PriorityP273critical9.3CVSS 4.0
AVNACLATNPRNUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
4.98%
91.1th percentile
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the wireless.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the sz11gChannel or PIN POST parameters. Attackers can exploit unsanitized parameter handling in the set_wifi_basic and set_wifi_do_wps functions to achieve remote code execution without authentication.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| shenzhen_yipu_commercial_and_trading_co_ltd | wdr201a_wifi_extender | <= 1.02.0 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8wgj-4v3p-3568: WDR201A WiFi Extender (HW V2
ghsa_unreviewed·2026-05-04
CVE-2026-41922 [CRITICAL] CWE-78 GHSA-8wgj-4v3p-3568: WDR201A WiFi Extender (HW V2
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the wireless.cgi binary that allow unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the sz11gChannel or PIN POST parameters. Attackers can exploit unsanitized parameter handling in the set_wifi_basic and set_wifi_do_wps functions to achieve remote code execution without authentication.
VulDB
Shenzhen Yipu WDR201A WiFi Extender up to 1.02 wireless.cgi set_wifi_basic sz11gChannel/PIN os command injection (EUVD-2026-27117)
vuldb·2026-05-04·CVSS 9.3
CVE-2026-41922 [CRITICAL] Shenzhen Yipu WDR201A WiFi Extender up to 1.02 wireless.cgi set_wifi_basic sz11gChannel/PIN os command injection (EUVD-2026-27117)
A vulnerability, which was classified as critical, has been found in Shenzhen Yipu WDR201A WiFi Extender up to 1.02. Affected is the function set_wifi_basic of the file wireless.cgi. The manipulation of the argument sz11gChannel/PIN leads to os command injection.
This vulnerability is traded as CVE-2026-41922. It is possible to initiate the attack remotely. There is no exploit available.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://mstreet97.github.io/security-research/iot/vulnerability-disclosure/ai-assisted-research/cybersecurity/cve/2026/05/04/Teaching_the_Machine_Where_to_Look.htmlhttps://www.made-in-china.com/showroom/yeapook/#:~:text=Established%20in%202015.%2CDistrict%2C%20Shenzhen%2C%20Guangdong%2C%20Chinahttps://www.vulncheck.com/advisories/wdr201a-wifi-extender-os-command-injection-via-wireless-cgi
2026-05-04
Published