2 matches found
CVE-2024-39770
Multiple buffer overflow vulnerabilities exist in the internet.cgi setqos functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This...
CVE-2024-39770
CVE-2024-39770 affects Wavlink AC3000 M33A8.V5030.210505: a set_qos() vulnerability in internet.cgi allows buffer overflow via the en_enable POST parameter. TALOS shows a stack-based overflow targeting a 0x400 buffer when concatenating POST fields (cli_name, cli_mac, en_enable), enabling potentia...