Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 8:59 a.m.7 views

CVE-2024-38666

An external config control vulnerability exists in the openvpn.cgi openvpnclientsetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS7AI score0.18881EPSS
Exploits1
OSV
OSV
added 2025/01/14 3:15 p.m.5 views

CVE-2024-38666

An external config control vulnerability exists in the openvpn.cgi openvpnclientsetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS7.4AI score0.18881EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/01/14 2:21 p.m.5 views

CVE-2024-38666

An external config control vulnerability exists in the openvpn.cgi openvpnclientsetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS7AI score0.18881EPSS
Exploits1References1
CVE
CVE
added 2025/01/14 2:21 p.m.55 views

CVE-2024-38666

Cisco Talos reports CVE-2024-38666 affects Wavlink AC3000 M33A8.V5030.210505, where openvpn.cgi openvpn_client_setup() accepts POST data to write into /vendor/openvpn/client/client.ovpn, enabling arbitrary command execution when vpn_type=client and ovpn_text is provided. A specially crafted authe...

9.1CVSS7.1AI score0.18881EPSS
Exploits1References2Affected Software1
Talos
Talos
added 2025/01/14 12:0 a.m.23 views

Wavlink AC3000 openvpn.cgi openvpn_client_setup() Configuration Control Vulnerability

Talos Vulnerability Report TALOS-2024-2051 Wavlink AC3000 openvpn.cgi openvpnclientsetup Configuration Control Vulnerability January 14, 2025 CVE Number CVE-2024-38666 SUMMARY An external config control vulnerability exists in the openvpn.cgi openvpnclientsetup functionality of Wavlink AC3000...

9.1CVSS7.3AI score0.18881EPSS
Exploits1
Rows per page
Query Builder