16597 matches found
CVE-2024-39280
An external config control vulnerability exists in the nas.cgi setsmbcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39790
Multiple external config control vulnerabilities exist in the nas.cgi setftpcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. A configuration...
CVE-2024-39280
Wavlink AC3000 (M33A8.V5030.210505) has a configuration-control flaw in nas.cgi set_smb_cfg() that allows authenticated HTTP requests to trigger arbitrary command execution via improper handling when writing Samba config (nvram) and invoking samba.sh. Talos details show the vulnerability affects ...
CVE-2024-39787
CVE-2024-39787 involves directory traversal in Wavlink AC3000 nas.cgi add_dir() via the disk_part parameter. The root cause is lack of validation/filtering for relative paths ("../" sequences), enabling an attacker with authenticated HTTP access to create directories with arbitrary permissions a...
CVE-2024-39787
Multiple directory traversal vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. A directory traversal...
CVE-2024-39786
Multiple directory traversal vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. A directory traversal...
CVE-2024-39788
Multiple external config control vulnerabilities exist in the nas.cgi setftpcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. A configuration...
CVE-2024-39789
Multiple external config control vulnerabilities exist in the nas.cgi setftpcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. A configuration...
CVE-2024-39789
CVE-2024-39789 affects Wavlink AC3000 (M33A8.V5030.210505) via nas.cgi set_ftp_cfg() with multiple external config control flaws. The Talos write-up details the vulnerability in the FTP config flow (ftp_name, ftp_port, ftp_max_sessions, ftp_adddir, ftp_anonymous, ftp_read/write/download/upload) store...
CVE-2024-39786
CVE-2024-39786 affects the Wavlink AC3000 NAS via nas.cgi add_dir(), specifically the adddir_name parameter. Talos details show a directory traversal vulnerability allowing an attacker to supply a crafted adddir_name (e.g., using multiple ../ sequences) to manipula...
CVE-2024-39788
CVE-2024-39788 affects the Wavlink AC3000 (M33A8.V5030.210505) via nas.cgi set_ftp_cfg(); an authenticated HTTP request can inject configuration through ftp_name (and related ftp_* parameters) stored in nvram, leading to a storage.sh ftp call that can modify ProFTPD config (e.g., ServerName, Port...
CVE-2024-39784
Multiple command execution vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. A command...
CVE-2024-39785
CVE-2024-39785 affects Wavlink AC3000 M33A8.V5030.210505: the nas.cgi add_dir() function accepts adddir_name via POST and, via the adddir_name path, constructs and executes shell commands (mkdir -p and chmod 777) using the provided input, enabling arbitrary command execution. This requires an aut...
CVE-2024-39785
Multiple command execution vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. A command...
CVE-2024-39784
CVE-2024-39784 is a confirmed command-injection vulnerability in Wavlink AC3000, affecting the NAS CGI (nas.cgi) add_dir() function. Talos reports the flaw resides in processing of the disk_part POST parameter (and related adddir_name in a parallel CVE-2024-39785 path), enabling arbitrary shell c...