Lucene search
+L

5 matches found

Circl
Circl
added 2025/01/14 3:17 p.m.7 views

CVE-2024-39370

creationtimestamp| type| source ---|---|--- 2025-01-14 15:17:06+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpkaw45ul2f...

9.1CVSS6.9AI score0.0218EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/14 2:21 p.m.5 views

CVE-2024-39370

An arbitrary code execution vulnerability exists in the adm.cgi setMeshAp functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS7.7AI score0.0218EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/14 2:21 p.m.25 views

CVE-2024-39370

An arbitrary code execution vulnerability exists in the adm.cgi setMeshAp functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS0.0218EPSS
Exploits1References1
CVE
CVE
added 2025/01/14 2:21 p.m.61 views

CVE-2024-39370

CVE-2024-39370 affects the Wavlink AC3000 M33A8.V5030.210505: the adm.cgi set_MeshAp() function is vulnerable to a buffer overflow via crafted POST data (e.g., wlan_ssid2), enabling arbitrary code execution after passing authentication. TALOS cites a CVSSv3.1 score of 9.1 (CRITICAL) with network ...

9.1CVSS7.8AI score0.0218EPSS
Exploits1References2Affected Software1
Talos
Talos
added 2025/01/14 12:0 a.m.18 views

Wavlink AC3000 adm.cgi set_MeshAp() arbitrary code execution vulnerability

Talos Vulnerability Report TALOS-2024-2031 Wavlink AC3000 adm.cgi setMeshAp arbitrary code execution vulnerability January 14, 2025 CVE Number CVE-2024-39370 SUMMARY An arbitrary code execution vulnerability exists in the adm.cgi setMeshAp functionality of Wavlink AC3000 M33A8.V5030.210505. A...

9.1CVSS7.7AI score0.0218EPSS
Exploits1
Rows per page
Query Builder