Improper neutralization of special elements in WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to execute OS commands with the root privilege.
https://www.wavlink.com/en_us/firmware/details/932108ffc5.html