A vulnerability was found in Wavlink WL-NU516U1-A M16U1_V240425 and classified as critical . The impacted element is the function sub_407504 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler . Such manipulation of the argument Guest_ssid leads to stack-based buffer overflow. This vulnerability is documented as CVE-2026-13539 . The attack can be executed remotely. Additionally, an exploit exists. It is suggested to upgrade the affected component. The vendor was contacted e