CVE-2024-50998

Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component openvpn.cgi via the openvpnserviceport and openvpnserviceporttun parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2024-39800

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

CVE-2024-39799

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

Wavlink AC3000 openvpn.cgi openvpn_server_setup() Configuration Control Vulnerabilities

Talos Vulnerability Report TALOS-2024-2050 Wavlink AC3000 openvpn.cgi openvpnserversetup Configuration Control Vulnerabilities January 14, 2025 CVE Number CVE-2024-39798,CVE-2024-39800,CVE-2024-39799 SUMMARY Multiple external config control vulnerabilities exists in the openvpn.cgi...