Lucene search
K

4 matches found

BDU FSTEC
BDU FSTEC
added 2025/01/19 12:0 a.m.8 views

The vulnerability of the set_sys_init() function in the login.cgi script of the Wavlink AC3000 router microprogramming system (WL-WN533A8) allows a hacker to execute arbitrary commands.

The vulnerability of the setsysinit function in the login.cgi script of the Wavlink AC3000 WL-WN533A8 router microprogramming system is related to the lack of data cleaning at the control level when processing the restartweekvalue parameter. Exploiting this vulnerability allows a remote attacker ...

10CVSS8.2AI score0.08168EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/01/14 3:15 p.m.4 views

CVE-2024-39761

Multiple OS command injection vulnerabilities exist in the login.cgi setsysinit functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities.A comman...

9.8CVSS6AI score0.08168EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.5 views

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that originates from the failure of the restartweekvalue parameter of the login.cgi setsysinit function to correctly filter constructed command special characters,...

10CVSS8AI score0.08168EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/06/28 12:0 a.m.4 views

PT-2024-10140 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 M33A8.V5030.210505 Description: Multiple OS command injection vulnerabilities exist in the login.cgi set sys init functionality. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an...

10CVSS9.8AI score0.08168EPSS
Exploits1References8
Rows per page
Query Builder