CVE-2024-36258

A stack-based buffer overflow vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2024-34166

An os command injection vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of HTTP requests can lead to arbitrary code execution. An attacker can send an HTTP request to trigger this vulnerability...

VulnCheck KEV: CVE-2022-2488

A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlistsync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used...

WAVLINK WN535K2 和 WN535K3 操作系统命令注入漏洞

The WAVLINK WN535K2 and WAVLINK WN535K3 are both wireless routers from the Chinese company WAVLINK. A security vulnerability exists in the WAVLINK WN535K2 and WN535K3 versions, which stems from certain unknown processing in /cgi-bin/touchlistsync.cgi, where manipulation of IP parameters may resul...