Lucene search
K

5908 matches found

Cvelist
Cvelist
added 2025/01/14 2:21 p.m.7 views

CVE-2024-34166

An os command injection vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of HTTP requests can lead to arbitrary code execution. An attacker can send an HTTP request to trigger this vulnerability...

10CVSS0.1579EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/14 2:21 p.m.12 views

CVE-2024-36290

A buffer overflow vulnerability exists in the login.cgi Gotochidx functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

10CVSS0.01359EPSS
Exploits1References1
CVE
CVE
added 2025/01/14 2:21 p.m.46 views

CVE-2024-39367

CVE-2024-39367 affects the Wavlink AC3000 M33A8.V5030.210505 firmware, specifically the firewall.cgi iptablesWebsFilterRun() function. A specially crafted, authenticated HTTP request can trigger arbitrary command execution via the websURLFilters handling, where nvram-stored, semicolon-separated e...

9.1CVSS7.8AI score0.08248EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/01/14 2:21 p.m.47 views

CVE-2024-39756

Talos reports CVE-2024-39756 as a buffer overflow in Wavlink AC3000 adm.cgi rep_as_router() for version M33A8.V5030.210505. The overflow occurs when user-supplied data (e.g., wl_rep_ssid2g) is copied to the stack without length checks after passing an authenticated HTTP request, enabling arbitrar...

9.1CVSS7.2AI score0.01805EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/01/14 2:21 p.m.10 views

CVE-2024-39773

An information disclosure vulnerability exists in the testsave.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability...

5.3CVSS0.0076EPSS
Exploits1References1
CVE
CVE
added 2025/01/14 2:21 p.m.57 views

CVE-2024-39608

CVE-2024-39608 is a reported unauthenticated firmware-upload vulnerability in the Wavlink AC3000 (M33A8.V5030.210505) login.cgi. Talos details show an unauthenticated HTTP POST can flash firmware to the device, with full device compromise risk (root access via missing authentication in the firmwa...

10CVSS7.2AI score0.0137EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/01/14 2:21 p.m.8 views

CVE-2024-39273

A firmware update vulnerability exists in the fwcheck.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary firmware update. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

9CVSS0.01046EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/14 2:21 p.m.5 views

CVE-2024-39273

A firmware update vulnerability exists in the fwcheck.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary firmware update. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

9CVSS6.9AI score0.01046EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/14 2:21 p.m.8 views

CVE-2024-39799

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

9.1CVSS7.5AI score0.01276EPSS
Exploits1References1
CVE
CVE
added 2025/01/14 2:21 p.m.49 views

CVE-2024-39799

CVE-2024-39799 (and related CVEs 39798, 39800) affect WAVLINK AC3000 M33A8.V5030.210505 via openvpn.cgi openvpn_server_setup, allowing authentication-protected HTTP POST data to inject arbitrary config into the OpenVPN server. The vulnerability chain reads POST values (sel_open_server_val, sel_op...

9.1CVSS7.5AI score0.01276EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2025/01/14 2:15 p.m.10 views

CVE-2024-33502

An improper limitation of a pathname to a restricted directory 'path traversal' in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 through 7.4.2 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.12 and 6.4.0 through 6.4.14 and 6.2.0 through 6.2.12 and 6.0.0 through 6.0.12 allows attacker to execu...

7.2CVSS0.01242EPSS
Exploits0References1
NVD
NVD
added 2025/01/14 2:15 p.m.9 views

CVE-2024-35275

A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, FortiManager version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests...

8.8CVSS0.0079EPSS
Exploits0References1
NVD
NVD
added 2025/01/14 2:15 p.m.3 views

CVE-2023-37931

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability CWE-88 in FortiVoice Entreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to perform a blind sql injection attack via sending crafted HTTP or HTTPS requests...

8.8CVSS0.00769EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/14 2:10 p.m.10 views

CVE-2024-32115

A relative path traversal vulnerability CWE-23 in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 allows a privileged attacker to delete files from the underlying filesystem via crafted HTTP or HTTPs requests...

5.5CVSS6.8AI score0.01024EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/14 2:10 p.m.7 views

CVE-2023-37931

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability CWE-88 in FortiVoice Entreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to perform a blind sql injection attack via sending crafted HTTP or HTTPS requests...

8.8CVSS7.2AI score0.00769EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/14 2:9 p.m.11 views

CVE-2024-33502

An improper limitation of a pathname to a restricted directory 'path traversal' in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 through 7.4.2 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.12 and 6.4.0 through 6.4.14 and 6.2.0 through 6.2.12 and 6.0.0 through 6.0.12 allows attacker to execu...

6.5CVSS0.01242EPSS
Exploits0References1
CVE
CVE
added 2025/01/14 2:9 p.m.55 views

CVE-2024-33502

CVE-2024-33502 affects Fortinet FortiManager and FortiAnalyzer. Affected versions include FortiManager/ FortiAnalyzer releases (e.g., 6.x, 7.x series) where a pathname is improperly limited to restricted directories, enabling path traversal. Resulting in potential execution of unauthorized code o...

7.2CVSS6.7AI score0.01242EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2025/01/14 2:9 p.m.12 views

CVE-2024-46664

A relative path traversal in Fortinet FortiRecorder CWE-23 version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to read files from the underlying filesystem via crafted HTTP or HTTPs requests...

5.5CVSS5.3AI score0.00512EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/14 2:8 p.m.7 views

CVE-2024-35273

A out-of-bounds write in Fortinet FortiManager version 7.4.0 through 7.4.2, FortiAnalyzer version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests...

7.2CVSS7.3AI score0.00639EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/14 2:8 p.m.16 views

CVE-2024-35273

A out-of-bounds write in Fortinet FortiManager version 7.4.0 through 7.4.2, FortiAnalyzer version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests...

7.2CVSS0.00639EPSS
Exploits0References1
Rows per page
Query Builder