4 matches found
The vulnerability of the set_sys_init() function in the login.cgi script of the Wavlink AC3000 router microprogramming system (WL-WN533A8) allows a hacker to execute arbitrary commands.
The vulnerability of the setsysinit function in the login.cgi script of the Wavlink AC3000 WL-WN533A8 router microprogramming system is related to the lack of data cleaning at the control level when processing the restartweekvalue parameter. Exploiting this vulnerability allows a remote attacker ...
CVE-2024-39761
Multiple OS command injection vulnerabilities exist in the login.cgi setsysinit functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities.A comman...
WAVLINK AC3000 命令注入漏洞
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that originates from the failure of the restartweekvalue parameter of the login.cgi setsysinit function to correctly filter constructed command special characters,...
PT-2024-10140 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 M33A8.V5030.210505 Description: Multiple OS command injection vulnerabilities exist in the login.cgi set sys init functionality. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an...