3 matches found
CVE-2024-39280
creationtimestamp| type| source ---|---|--- 2025-01-14 15:16:33+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpk7wlfcn2r...
CVE-2024-39280
Wavlink AC3000 (M33A8.V5030.210505) has a configuration-control flaw in nas.cgi set_smb_cfg() that allows authenticated HTTP requests to trigger arbitrary command execution via improper handling when writing Samba config (nvram) and invoking samba.sh. Talos details show the vulnerability affects ...
Wavlink AC3000 nas.cgi set_smb_cfg() Configuration Control Vulnerability
Talos Vulnerability Report TALOS-2024-2055 Wavlink AC3000 nas.cgi setsmbcfg Configuration Control Vulnerability January 14, 2025 CVE Number CVE-2024-39280 SUMMARY An external config control vulnerability exists in the nas.cgi setsmbcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A special...