Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

54 matches found

OSV
OSVadded 2025/01/14 3:15 p.m.2 views

CVE-2024-39768

Multiple buffer overflow vulnerabilities exist in the internet.cgi setqos functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This...

7.2CVSS6.4AI score0.01212EPSS
Exploits1References2
NVD
NVDadded 2025/01/14 3:15 p.m.5 views

CVE-2024-39768

Multiple buffer overflow vulnerabilities exist in the internet.cgi setqos functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This...

9.1CVSS0.01212EPSS
Exploits1References2
OSV
OSVadded 2025/01/14 3:15 p.m.3 views

CVE-2024-39763

Multiple OS command injection vulnerabilities exist in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A...

7.2CVSS6AI score0.04815EPSS
Exploits1References2
OSV
OSVadded 2025/01/14 3:15 p.m.5 views

CVE-2024-39765

Multiple OS command injection vulnerabilities exist in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A...

7.2CVSS6AI score
Exploits0References2
OSV
OSVadded 2025/01/14 3:15 p.m.2 views

CVE-2024-39288

A buffer overflow vulnerability exists in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...

7.2CVSS7.8AI score0.1336EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/01/14 2:21 p.m.7 views

CVE-2024-39762

Multiple OS command injection vulnerabilities exist in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A...

9.1CVSS7.6AI score0.05876EPSS
Exploits1References1
CVE
CVEadded 2025/01/14 2:21 p.m.49 views

CVE-2024-39769

CVE-2024-39769 affects Wavlink AC3000, specifically the internet.cgi set_qos() function. The vulnerability is a stack-based buffer overflow in the cli_mac POST parameter (and related cli_name/en_enable issues described in the TALOS report), exploitable via authenticated HTTP requests. Impact stat...

9.1CVSS7.4AI score0.00845EPSS
Exploits1References2Affected Software1
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.1 views

WAVLINK AC3000 安全漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505, which is caused by the enenable parameter of the internet.cgi setqos function failing to correctly validate the length of the input data, and can be...

9.1CVSS8.1AI score0.01212EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.2 views

WAVLINK AC3000 安全漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the cliname parameter of the internet.cgi setqos function that fails to correctly validate the length of the input data, an...

9.1CVSS8.1AI score0.01212EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.3 views

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the custominterface parameter of the internet.cgi setaddrouting function to correctly filter constructed comman...

9.1CVSS7.8AI score0.05212EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.3 views

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the internet.cgi setaddrouting function's dest parameter failing to properly filter constructed command special character...

9.1CVSS7.7AI score0.04156EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.4 views

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the failure of the gateway parameter of the internet.cgi setaddrouting function to correctly filter the construct command...

9.1CVSS7.8AI score0.04815EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.2 views

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the netmask parameter of the internet.cgi setaddrouting function failing to correctly filter constructed command special...

9.1CVSS7.8AI score0.05876EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.2 views

WAVLINK AC3000 安全漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the internet.cgi setaddrouting function failing to correctly validate the length of the input data, and can be exploited by...

9.1CVSS8.1AI score0.1336EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/01/14 12:0 a.m.4 views

PT-2025-2556 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: Multiple OS command injection vulnerabilities exist in the internet.cgi set add routing functionality. A specially crafted HTTP request can lead to arbitrary command execution. An attacke...

9.1CVSS7.7AI score0.05212EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2025/01/14 12:0 a.m.3 views

PT-2025-2535 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A buffer overflow vulnerability exists in the set add routing function of internet.cgi. This issue can be triggered by a specially crafted HTTP request, leading to a stack-based buffer...

9.1CVSS7.3AI score0.1336EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2025/01/14 12:0 a.m.3 views

PT-2025-2557 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: Multiple buffer overflow vulnerabilities exist in the internet.cgi set qos functionality. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an...

9.1CVSS7.5AI score0.01212EPSS
Exploits1References6
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.4 views

WAVLINK AC3000 安全漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the climac parameter of the internet.cgi setqos function that fails to correctly validate the length and size of the input...

9.1CVSS8.1AI score0.00845EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/01/14 12:0 a.m.4 views

PT-2025-2555 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 M33A8.V5030.210505 Description: Multiple OS command injection vulnerabilities exist in the set add routing functionality of the internet.cgi script. A specially crafted HTTP request can lead to arbitrary command execution. An...

9.1CVSS7.7AI score0.04156EPSS
Exploits1References7
Talos
Talosadded 2025/01/14 12:0 a.m.9 views

Wavlink AC3000 internet.cgi set_qos() buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2024-2022 Wavlink AC3000 internet.cgi setqos buffer overflow vulnerabilities January 14, 2025 CVE Number CVE-2024-39768,CVE-2024-39770,CVE-2024-39769 SUMMARY Multiple buffer overflow vulnerabilities exist in the internet.cgi setqos functionality of Wavlink AC3000...

9.1CVSS7.6AI score0.01212EPSS
Exploits3
Rows per page
Query Builder