16591 matches found
CVE-2024-39787
Multiple directory traversal vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A directory traversal...
CVE-2024-39786
Multiple directory traversal vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A directory traversal...
CVE-2024-39788
Multiple external config control vulnerabilities exist in the nas.cgi setftpcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration...
CVE-2024-39786
Multiple directory traversal vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A directory traversal...
CVE-2024-39789
Multiple external config control vulnerabilities exist in the nas.cgi setftpcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration...
CVE-2024-39789
CVE-2024-39789 affects Wavlink AC3000 (M33A8.V5030.210505) via nas.cgi set_ftp_cfg() with multiple external config control flaws. The TALOS write-up details vulnerability in the FTP config flow (ftp_name, ftp_port, ftp_max_sessions, ftp_adddir, ftp_anonymous, ftp_read/write/download/upload) store...
CVE-2024-39789
Multiple external config control vulnerabilities exist in the nas.cgi setftpcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration...
CVE-2024-39788
Multiple external config control vulnerabilities exist in the nas.cgi setftpcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration...
CVE-2024-39788
CVE-2024-39788 affects the Wavlink AC3000 (M33A8.V5030.210505) via nas.cgi set_ftp_cfg(); an authenticated HTTP request can inject configuration through ftp_name (and related ftp_* parameters) stored in nvram, leading to a storage.sh ftp call that can modify ProFTPD config (e.g., ServerName, Port...
CVE-2024-39785
Multiple command execution vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command...
CVE-2024-39784
Multiple command execution vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command...
CVE-2024-39784
Multiple command execution vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command...
CVE-2024-39785
Multiple command execution vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command...
CVE-2024-39785
CVE-2024-39785 affects Wavlink AC3000 M33A8.V5030.210505: the nas.cgi add_dir() function accepts adddir_name via POST and, via the adddir_name path, constructs and executes shell commands (mkdir -p and chmod 777) using the provided input, enabling arbitrary command execution. This requires an aut...
CVE-2024-39784
CVE-2024-39784 is a confirmed command-injection vulnerability in Wavlink AC3000, affecting the NAS CGI (nas.cgi) add_dir() function. Talos reports the flaw resides in processing of the disk_part POST parameter (and related adddir_name in a parallel CVE-2024-39785 path), enabling arbitrary shell c...
CVE-2024-35278
A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet FortiPortal versions 7.2.4 through 7.2.0 and 7.0.0 through 7.2.8 may allow an authenticated attacker to view the SQL query being run server-side when submitting an HTTP request, via including special...
CVE-2023-42786
A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request...
CVE-2023-42785
A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request...
CVE-2023-42785
Fortinet FortiOS contains a null pointer dereference leading to denial of service (DoS) via a crafted HTTP request. Affected products and versions include FortiOS 7.4.0–7.4.1, 7.2.0–7.2.5, and all 7.0, 6.4, 6.2, and 6.0 branches. The underlying issue is a null pointer dereference in handling craf...
Wavlink AC3000 wireless.cgi SetName() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2039 Wavlink AC3000 wireless.cgi SetName buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39357 SUMMARY A stack-based buffer overflow vulnerability exists in the wireless.cgi SetName functionality of Wavlink AC3000 M33A8.V5030.210505. A...