13 matches found
PT-2025-2543 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun functionality. This allows an attacker to execute arbitrary code by making a specially crafted HTTP...
WAVLINK AC3000 命令注入漏洞
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the inclusion of multiple operating system command injections...
PT-2025-2444 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A stack-based buffer overflow issue exists in the touchlistsync functionality of touchlist sync.cgi. This can be triggered by a specially crafted HTTP request, potentially leading to...
PT-2025-2416 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A system os command injection vulnerability exists in the touchlistsync function of touchlist sync.cgi. This issue can be triggered by a specially crafted set of HTTP requests, potentiall...
WAVLINK AC3000 注入漏洞
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adddirname parameter of the nas.cgi adddir function to correctly filter construct command special character...
PT-2025-2533 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A vulnerability exists in the set smb cfg function of nas.cgi, allowing for external configuration control. This can be exploited through a specially crafted HTTP request, potentially...
PT-2025-2532 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A firmware update issue exists in the fw check.sh functionality. This allows an attacker to perform a man-in-the-middle attack using a specially crafted HTTP request, potentially leading ...
PT-2025-2452 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 M33A8.V5030.210505 Description: A stack-based buffer overflow vulnerability exists in the set wifi basic function within the wireless.cgi component. A specially crafted HTTP request can lead to arbitrary command execution. An...
PT-2025-2445 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A buffer overflow issue exists in the set info functionality of usbip.cgi. This can be triggered by a specially crafted HTTP request, leading to a stack-based buffer overflow. An attacker...
PT-2025-2561 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A buffer overflow vulnerability exists in the set sys adm function of adm.cgi. This issue can be triggered by a specially crafted HTTP request, leading to a stack-based buffer overflow. A...
WAVLINK AC3000 安全漏洞
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the nas.cgi setsmbcfg function failing to correctly filter constructed command special characters, commands, etc. The...
PT-2024-10140 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 M33A8.V5030.210505 Description: Multiple OS command injection vulnerabilities exist in the login.cgi set sys init functionality. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an...
PT-2024-10143 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 M33A8.V5030.210505 Description: Multiple OS command injection vulnerabilities exist in the set add routing functionality of the internet.cgi script. A specially crafted HTTP request can lead to arbitrary command execution. An...