Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:33 a.m.7 views

CVE-2024-39762

Multiple OS command injection vulnerabilities exist in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A...

9.1CVSS7.5AI score0.05876EPSS
Exploits1References1
NVD
NVD
added 2025/01/14 3:15 p.m.9 views

CVE-2024-39762

Multiple OS command injection vulnerabilities exist in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A...

9.1CVSS0.05876EPSS
Exploits1References2
CVE
CVE
added 2025/01/14 2:21 p.m.53 views

CVE-2024-39762

CVE-2024-39762 affects the Wavlink AC3000 (M33A8.V5030.210505). The vulnerability resides in the internet.cgi set_add_routing() function, specifically the netmask parameter, where input is fed into a shell command via popen without input filtering, allowing OS command injection after an authentic...

9.1CVSS7.6AI score0.05876EPSS
Exploits1References2Affected Software1
Talos
Talos
added 2025/01/14 12:0 a.m.36 views

Wavlink AC3000 internet.cgi set_add_routing() command injection vulnerabilities

Talos Vulnerability Report TALOS-2024-2020 Wavlink AC3000 internet.cgi setaddrouting command injection vulnerabilities January 14, 2025 CVE Number CVE-2024-39764,CVE-2024-39765,CVE-2024-39763,CVE-2024-39762 SUMMARY Multiple OS command injection vulnerabilities exist in the internet.cgi...

9.1CVSS9.9AI score0.05876EPSS
Exploits4
Rows per page
Query Builder