CVE-2026-41925
published 2026-05-04CVE-2026-41925: WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the adm.cgi binary's reboot_time function that allows…
PriorityP274critical9.3CVSS 4.0
AVNACLATNPRNUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
3.39%
87.3th percentile
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the adm.cgi binary's reboot_time function that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the reboot_time POST parameter. Attackers can send a crafted request with shell metacharacters in the reboot_time parameter when reboot_enabled=1 to achieve remote code execution.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| shenzhen_yipu_commercial_and_trading_co_ltd | wdr201a_wifi_extender | <= 1.02.0 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rcvc-m8x7-hg25: WDR201A WiFi Extender (HW V2
ghsa_unreviewed·2026-05-04
CVE-2026-41925 [CRITICAL] CWE-78 GHSA-rcvc-m8x7-hg25: WDR201A WiFi Extender (HW V2
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the adm.cgi binary's reboot_time function that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the reboot_time POST parameter. Attackers can send a crafted request with shell metacharacters in the reboot_time parameter when reboot_enabled=1 to achieve remote code execution.
VulDB
Shenzhen Yipu WDR201A WiFi Extender up to 1.02 Request adm.cgi reboot_time os command injection (EUVD-2026-27124)
vuldb·2026-05-04·CVSS 9.3
CVE-2026-41925 [CRITICAL] Shenzhen Yipu WDR201A WiFi Extender up to 1.02 Request adm.cgi reboot_time os command injection (EUVD-2026-27124)
A vulnerability has been found in Shenzhen Yipu WDR201A WiFi Extender up to 1.02 and classified as critical. Affected by this issue is some unknown functionality of the file adm.cgi of the component Request Handler. This manipulation of the argument reboot_time causes os command injection.
This vulnerability is handled as CVE-2026-41925. The attack can be initiated remotely. There is not any exploit available.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://mstreet97.github.io/security-research/iot/vulnerability-disclosure/ai-assisted-research/cybersecurity/cve/2026/05/04/Teaching_the_Machine_Where_to_Look.htmlhttps://www.made-in-china.com/showroom/yeapook/#:~:text=Established%20in%202015.%2CDistrict%2C%20Shenzhen%2C%20Guangdong%2C%20Chinahttps://www.vulncheck.com/advisories/wdr201a-wifi-extender-os-command-injection-via-adm-cgi-reboot-time
2026-05-04
Published