Lucene search
K

33 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:33 a.m.6 views

CVE-2024-39603

A stack-based buffer overflow vulnerability exists in the wireless.cgi setwifibasicmesh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS7.4AI score0.02362EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:33 a.m.8 views

CVE-2024-39782

Multiple OS command injection vulnerabilities exist in the adm.cgi schreboot functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command...

9.1CVSS7.8AI score0.03718EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:31 p.m.8 views

CVE-2024-39803

Multiple buffer overflow vulnerabilities exist in the qos.cgi qossettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer...

9.1CVSS7.3AI score0.01212EPSS
Exploits1References1
OSV
OSV
added 2025/01/14 3:15 p.m.4 views

CVE-2024-39604

A command execution vulnerability exists in the updatefilterurl.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

8.1CVSS7.6AI score0.01898EPSS
Exploits1References2
OSV
OSV
added 2025/01/14 3:15 p.m.5 views

CVE-2024-39608

A firmware update vulnerability exists in the login.cgi functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary firmware update. An attacker can send an unauthenticated message to trigger this vulnerability...

9.8CVSS5.9AI score0.0137EPSS
Exploits1References2
OSV
OSV
added 2025/01/14 3:15 p.m.4 views

CVE-2024-39358

A buffer overflow vulnerability exists in the adm.cgi setwzap functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...

7.2CVSS6.3AI score0.01805EPSS
Exploits1References2
CVE
CVE
added 2025/01/14 2:21 p.m.66 views

CVE-2024-39774

CVE-2024-39774 is a buffer overflow in Wavlink AC3000's adm.cgi set_sys_adm() function (M33A8.V5030.210505). An authenticated HTTP request can trigger a stack-based overflow, potentially enabling code execution or impact to privacy, integrity, and availability per TALOS findings (CVSSv3 9.1/CRITI...

9.1CVSS7.2AI score0.0126EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/14 2:21 p.m.6 views

CVE-2024-39357

A stack-based buffer overflow vulnerability exists in the wireless.cgi SetName functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS7.5AI score0.02362EPSS
Exploits1References1
CVE
CVE
added 2025/01/14 2:21 p.m.50 views

CVE-2024-39299

The CVE-2024-39299 entry concerns a buffer overflow in Wavlink AC3000 (M33A8.V5030.210505) within qos.cgi qos_sta_settings(). Talos reports that POST data fields cli_list and cli_num are copied to a fixed-size buffer without length checks, enabling a stack-based overflow and potential arbitrary c...

9.1CVSS7.2AI score0.01482EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.7 views

PT-2025-2445 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A buffer overflow issue exists in the set info functionality of usbip.cgi. This can be triggered by a specially crafted HTTP request, leading to a stack-based buffer overflow. An attacker...

9.1CVSS7.5AI score0.01265EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.6 views

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the failure of the gateway parameter of the internet.cgi setaddrouting function to correctly filter the construct command...

9.1CVSS7.8AI score0.04815EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.7 views

PT-2025-2452 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 M33A8.V5030.210505 Description: A stack-based buffer overflow vulnerability exists in the set wifi basic function within the wireless.cgi component. A specially crafted HTTP request can lead to arbitrary command execution. An...

9.1CVSS9.5AI score0.01985EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.4 views

PT-2025-2543 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun functionality. This allows an attacker to execute arbitrary code by making a specially crafted HTTP...

9.1CVSS8.2AI score0.08248EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.4 views

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the inclusion of multiple operating system command injections...

9.1CVSS9AI score0.04469EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.6 views

PT-2025-2558 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: Multiple buffer overflow vulnerabilities exist in the set qos functionality of internet.cgi. A specially crafted HTTP request can lead to a stack-based buffer overflow. An attacker can ma...

9.1CVSS7.5AI score0.00845EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.6 views

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adm.cgi setledonoff function to correctly filter constructed command special characters, commands, etc. The...

9.1CVSS7.8AI score0.22827EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.5 views

PT-2025-2444 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A stack-based buffer overflow issue exists in the touchlistsync functionality of touchlist sync.cgi. This can be triggered by a specially crafted HTTP request, potentially leading to...

10CVSS8.1AI score0.12447EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.4 views

PT-2025-2532 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A firmware update issue exists in the fw check.sh functionality. This allows an attacker to perform a man-in-the-middle attack using a specially crafted HTTP request, potentially leading ...

9CVSS7.1AI score0.01046EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.4 views

WAVLINK AC3000 注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adm.cgi setTR069 function to correctly filter constructed command special characters, commands, etc. The...

9.1CVSS7.8AI score0.20769EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.5 views

PT-2025-2533 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A vulnerability exists in the set smb cfg function of nas.cgi, allowing for external configuration control. This can be exploited through a specially crafted HTTP request, potentially...

9.1CVSS7.1AI score0.34167EPSS
Exploits1References4
Rows per page
Query Builder