WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the failure of the restartmin parameter of the adm.cgi schreboot function to correctly filter the constructor command...

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the failure of the gateway parameter of the internet.cgi setaddrouting function to correctly filter the construct command...

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that originates from the failure of the restartweekvalue parameter of the login.cgi setsysinit function to correctly filter constructed command special characters,...

WAVLINK AC3000 安全漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the nas.cgi setsmbcfg function failing to correctly filter constructed command special characters, commands, etc. The...

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adm.cgi setledonoff function to correctly filter constructed command special characters, commands, etc. The...

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that originates from the touchlistsync.cgi touchlistsync function failing to correctly filter constructed command special characters, commands, etc. An attacker could u...

WAVLINK AC3000 安全漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from an external configuration control vulnerability that originates from the openvpn.cgi openvpnserversetup function's selopeninterface parameter failing to correctly filter constructed command special...

PT-2025-4794 · Hewlett Packard · Hpe Aruba Networking Aos

The network management service is affected by an authenticated command injection issue in its command line interface, which could allow an attacker to execute arbitrary commands as a privileged user on the underlying operating system. Unfortunately, the specific versions of the network management...

PT-2025-2538 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A stack-based buffer overflow issue exists in the SetName functionality of wireless.cgi. This can be triggered by a specially crafted HTTP request, potentially leading to arbitrary comman...

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the custominterface parameter of the internet.cgi setaddrouting function to correctly filter constructed comman...

PT-2025-2516 · Wavlink +1 · Wavlink Ac3000 +1

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A vulnerability exists in the openvpn client setup function of the openvpn.cgi functionality, allowing for arbitrary command execution through a specially crafted HTTP request. An attacke...

PT-2025-2533 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A vulnerability exists in the set smb cfg function of nas.cgi, allowing for external configuration control. This can be exploited through a specially crafted HTTP request, potentially...

Wavlink AC3000 wireless.cgi set_wifi_basic() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2041 Wavlink AC3000 wireless.cgi setwifibasic buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36493 SUMMARY A stack-based buffer overflow vulnerability exists in the wireless.cgi setwifibasic functionality of Wavlink AC3000...

Wavlink AC3000 nas.cgi set_smb_cfg() Configuration Control Vulnerability

Talos Vulnerability Report TALOS-2024-2055 Wavlink AC3000 nas.cgi setsmbcfg Configuration Control Vulnerability January 14, 2025 CVE Number CVE-2024-39280 SUMMARY An external config control vulnerability exists in the nas.cgi setsmbcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A special...

Wavlink AC3000 qos.cgi qos_sta() command injection vulnerability

Talos Vulnerability Report TALOS-2024-2047 Wavlink AC3000 qos.cgi qossta command injection vulnerability January 14, 2025 CVE Number CVE-2024-36295 SUMMARY A command execution vulnerability exists in the qos.cgi qossta functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...

Wavlink AC3000 openvpn.cgi openvpn_server_setup() Configuration Control Vulnerabilities

Talos Vulnerability Report TALOS-2024-2050 Wavlink AC3000 openvpn.cgi openvpnserversetup Configuration Control Vulnerabilities January 14, 2025 CVE Number CVE-2024-39798,CVE-2024-39800,CVE-2024-39799 SUMMARY Multiple external config control vulnerabilities exists in the openvpn.cgi...

The vulnerability of the web interface or command interface of the Lenovo XClarity Controller (XCC) for Lenovo ThinkSystem servers allows a perpetrator to execute arbitrary commands.

The vulnerability of the web interface or command interface of the Lenovo XClarity Controller XCC for Lenovo ThinkSystem servers is related to the failure to take measures to neutralize certain elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a...

The vulnerability of the Lenovo XClarity Controller (XCC) against Lenovo ThinkSystem servers allows a hacker to execute arbitrary commands.

The vulnerability of the Lenovo XClarity Controller XCC for Lenovo ThinkSystem systems is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using specially created files...

The vulnerability of the Lenovo XClarity Controller (XCC) for Lenovo ThinkSystem servers arises from the lack of measures taken to neutralize specific elements, allowing a perpetrator to execute arbitrary commands.

The vulnerability of the Lenovo XClarity Controller XCC for Lenovo ThinkSystem systems is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using specially created files...

SUSE CVE-2024-28892

An OS command injection vulnerability exists in the name parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...