WAVLINK AC3000 adm.cgi set_MeshAp function command injection vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adm.cgi setMeshAp function to properly filter constructed command special characters, commands, etc. The...