An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple shell metacharacter injection vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges.
https://gitlab.com/drakylar1/drakylar-cve-list/-/blob/master/Wavlink/CVE-2020-15489_multiple_rce.txt