2 matches found
CVE-2024-39794
Wavlink AC3000 (M33A8.V5030.210505) is affected by multiple external config control vulnerabilities in the nas.cgi set_nas() proftpd functionality. The issues allow configuration injection via ftp_port and related FTP settings (ftp_name, ftp_port, ftp_max_sessions, etc.) and can enable permission...
PT-2025-2573 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: Multiple external config control vulnerabilities exist in the nas.cgi set nas proftpd functionality. A specially crafted HTTP request can lead to permission bypass. An attacker can make a...