Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.6 views

CVE-2024-34166

An os command injection vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of HTTP requests can lead to arbitrary code execution. An attacker can send an HTTP request to trigger this vulnerability...

10CVSS7.8AI score0.1579EPSS
Exploits1References1
NVD
NVD
added 2025/01/14 3:15 p.m.6 views

CVE-2024-34166

An os command injection vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of HTTP requests can lead to arbitrary code execution. An attacker can send an HTTP request to trigger this vulnerability...

10CVSS0.1579EPSS
Exploits1References2
CVE
CVE
added 2025/01/14 2:21 p.m.41 views

CVE-2024-34166

CVE-2024-34166 affects Wavlink AC3000 M33A8.V5030.210505. The vulnerability is an OS command injection in the touchlist_sync.cgi touchlistsync() function, exploited by a specially crafted HTTP request to trigger arbitrary code execution. Cisco Talos (TALOS-2024-2000) documents a high/severe impac...

10CVSS8AI score0.1579EPSS
Exploits1References2Affected Software1
Talos
Talos
added 2025/01/14 12:0 a.m.11 views

Wavlink AC3000 touchlist_sync.cgi touchlistsync() command injection vulnerability

Talos Vulnerability Report TALOS-2024-2000 Wavlink AC3000 touchlistsync.cgi touchlistsync command injection vulnerability January 14, 2025 CVE Number CVE-2024-34166 SUMMARY An os command injection vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000...

10CVSS9.9AI score0.1579EPSS
Exploits1
Rows per page
Query Builder