28 matches found
CVE-2022-35533
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: clilist and clinum, which leads to command injection in page /qos.shtml...
CVE-2024-39802
Multiple buffer overflow vulnerabilities exist in the qos.cgi qossettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer...
EUVD-2022-38423
Malicious code in bioql PyPI...
EUVD-2024-36362
Malicious code in bioql PyPI...
EUVD-2024-38345
Malicious code in bioql PyPI...
EUVD-2024-38346
Malicious code in bioql PyPI...
WAVLINK WL-WN579A3 /cgi-bin/qos.cgi Component Command Injection Vulnerability
WAVLINK WL-WN579A3 is a high performance dual-band wireless card from China RuiYin WAVLINK. The WAVLINK WL-WN579A3 suffers from a command injection vulnerability that originates from unfiltered input in the /cgi-bin/qos.cgi component, no details of the vulnerability are provided at this time...
CVE-2025-44881
A command injection vulnerability in the component /cgi-bin/qos.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input...
The vulnerability of the qosSettings() function in the qos.cgi script of the Wavlink AC3000 (WL-WN533A8) router’s script allows a hacker to execute arbitrary code.
The vulnerability of the qosSettings function in the qos.cgi script of the Wavlink AC3000 WL-WN533A8 router software lies in the fact that the output of the operation goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2024-39801
Multiple buffer overflow vulnerabilities exist in the qos.cgi qossettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer...
CVE-2024-39802
Multiple buffer overflow vulnerabilities exist in the qos.cgi qossettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer...
CVE-2024-36295
A command execution vulnerability exists in the qos.cgi qossta functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39803
Multiple buffer overflow vulnerabilities exist in the qos.cgi qossettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer...
CVE-2024-39803
Multiple buffer overflow vulnerabilities exist in the qos.cgi qossettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer...
CVE-2024-39802
Multiple buffer overflow vulnerabilities exist in the qos.cgi qossettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer...
CVE-2024-39801
CVE-2024-39801 affects Wavlink AC3000 (M33A8.V5030.210505). Talos reports multiple buffer-overflow vulnerabilities in qos.cgi qos_settings(), notably in the qos_bandwidth field (and related qos_dat/sel_mode parameters). In the affected function, these fields are strdup’d and later used to compose...
CVE-2024-39802
Multiple buffer overflow vulnerabilities exist in the qos.cgi qossettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer...
PT-2025-2447 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 M33A8 version V5030.210505 Description: A command execution issue exists in the qos.cgi qos sta functionality. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP...
PT-2025-2537 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A buffer overflow issue exists in the qos.cgi qos sta settings functionality. This can be triggered by a specially crafted HTTP request, leading to a stack-based buffer overflow. An...
WAVLINK AC3000 安全漏洞
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a buffer overflow vulnerability, which originates from the qosbandwidth parameter of the qos.cgi qossettings function that fails to properly validate the length of the input data, which can be exploited...