CVE-2026-2565
CWE-119Published: February 16, 2026· Updated: Feb 18, 2026
Official Description
A weakness has been identified in Wavlink WL-NU516U1 20251208. Affected by this issue is the function sub_40785C of the file /cgi-bin/adm.cgi. This manipulation of the argument time_zone causes stack-based buffer overflow. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitation is known to be difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Technical Analysis
CVE-2026-2565 can be exploited remotely over the network without requiring physical or adjacent access, significantly expanding the attack surface for threat actors.
Exploitation requires high privileges, which limits the exposure to scenarios where an attacker has already gained initial access.
A successful exploit results in complete confidentiality breach (data exposure), full integrity compromise (data manipulation), availability disruption (denial of service), with a CVSS base score of 6.6.
A proof-of-concept (PoC) exploit exists for CVE-2026-2565. While not yet confirmed in active campaigns, the availability of PoC code increases exploitation risk substantially.
From a weakness classification perspective (CWE-119): Buffer overflow vulnerabilities can lead to arbitrary code execution or denial of service by corrupting adjacent memory.
CVSS v3.1 Vector Breakdown
Affected Vendors & Products
Exploit & PoC Resources
Official Patches & Advisories
News & Research Mentioning CVE-2026-2565
View CSAF Summary SINEC NMS before V4.0 SP3 contains an Authorization Bypass vulnerability that could allow an attacker to bypass authorization checks, leading to the ability to reset the password of any arbitrary user account. Siemens has released a new version for SINEC NMS and recommends to update to the latest version. The following versions of Siemens SINEC NMS are affected: SINEC NMS CVSS Vendor Equipment Vulnerabilities v3 8.8 Siemens Siemens SINEC NMS Authorization Bypass Through User-Controlled Key Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Germany Vulnerabilities Expand All + CVE-2026-25654 Affected products do not properly validate user authorization [xlite_meta score:63 src:CISA Alerts xlite_fp:b9436a0f07ccbe5b47ad0b0aaee16c28c5a235bd132c9f27e863e184eb5347ef]
View CSAF Summary Multiple Siemens products are affected by two local privilege escalation vulnerabilities which could allow an low privileged attacker to load malicious DLLs, potentially leading to arbitrary code execution with elevated privileges. Siemens has released new versions for the affected products and recommends to update to the latest versions. The following versions of Siemens SINEC NMS are affected: SINEC NMS: Versions prior to V4.0 SP2 (CVE-2026-25655) SINEC NMS: All Versions (CVE-2026-25656) User Management Component (UMC) vers:intdot/<2.15.2.1 (CVE-2026-25656) CVSS Vendor Equipment Vulnerabilities v3 7.8 Siemens Siemens SINEC NMS Uncontrolled Search Path Element Background Critical Infrastructure Sectors: Information Technology, Ener [xlite_meta score:53 src:CISA Alerts xlite_fp:8488bc80fa4caaa7c437039d479c4a7c7411236a69472e576724c8a37b5e5801]
All References (4)
Quick Facts
Related CVEs (CWE-119)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2026-2565 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts