344 matches found
CVE-2024-39294
A buffer overflow vulnerability exists in the adm.cgi setwzdgw4G functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-37184
A buffer overflow vulnerability exists in the adm.cgi repasbridge functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39358
CVE-2024-39358 affects Wavlink AC3000 M33A8.V5030.210505. Talos details a stack-based buffer overflow in adm.cgi (set_wzap/set_wzdap path) triggered by an authenticated HTTP request, enabling arbitrary code execution. The advisory confirms vulnerable versions and provides exploit behavior; vendor...
CVE-2024-37357
CVE-2024-37357 : Talos and Red Hat/NVD entries describe a stack-based buffer overflow in the Wavlink AC3000 adm.cgi set_TR069() functionality (M33A8.V5030.210505). An authenticated HTTP POST can trigger a long input that overwrites the return address after TR069_local_port is copied to the heap, ...
CVE-2024-37357
A buffer overflow vulnerability exists in the adm.cgi setTR069 functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39774
A buffer overflow vulnerability exists in the adm.cgi setsysadm functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39774
CVE-2024-39774 is a buffer overflow in Wavlink AC3000's adm.cgi set_sys_adm() function (M33A8.V5030.210505). An authenticated HTTP request can trigger a stack-based overflow, potentially enabling code execution or impact to privacy, integrity, and availability per TALOS findings (CVSSv3 9.1/CRITI...
CVE-2024-39370
An arbitrary code execution vulnerability exists in the adm.cgi setMeshAp functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39774
A buffer overflow vulnerability exists in the adm.cgi setsysadm functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-37186
An os command injection vulnerability exists in the adm.cgi setledonoff functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-37186
CVE-2024-37186 affects Wavlink AC3000 M33A8.V5030.210505. Talos details an OS command-injection in adm.cgi set_ledonoff(): an authenticated HTTP request can trigger arbitrary command execution via the led_cmd parameter, leading to high impact. Affected version and firmware: Wavlink AC3000 M33A8.V...
CVE-2024-39783
Multiple OS command injection vulnerabilities exist in the adm.cgi schreboot functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command...
CVE-2024-39359
A stack-based buffer overflow vulnerability exists in the wireless.cgi DeleteMac functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39757
A stack-based buffer overflow vulnerability exists in the wireless.cgi AddMac functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-36295
CVE-2024-36295 : Talos reports a high-severity (CVSSv3 9.1) command injection in the Wavlink AC3000 (M33A8) web UI, via the qos.cgi qos_sta() path. An authenticated HTTP POST to qos_sta can cause arbitrary commands to be written/executed through the handling of POST fields, by persisting data to ...
CVE-2024-36295
A command execution vulnerability exists in the qos.cgi qossta functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39299
The CVE-2024-39299 entry concerns a buffer overflow in Wavlink AC3000 (M33A8.V5030.210505) within qos.cgi qos_sta_settings(). Talos reports that POST data fields cli_list and cli_num are copied to a fixed-size buffer without length checks, enabling a stack-based overflow and potential arbitrary c...
CVE-2024-38666
Cisco Talos reports CVE-2024-38666 affects Wavlink AC3000 M33A8.V5030.210505, where openvpn.cgi openvpn_client_setup() accepts POST data to write into /vendor/openvpn/client/client.ovpn, enabling arbitrary command execution when vpn_type=client and ovpn_text is provided. A specially crafted authe...
CVE-2024-39602
An external config control vulnerability exists in the nas.cgi setnas functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39795
Multiple external config control vulnerabilities exist in the nas.cgi setnas proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A...