CVE-2024-39755

A privilege escalation vulnerability exists in the node update functionality of Veertu Anka Build 1.42.0. A specially crafted PKG file can lead to execute priviledged operation. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

EUVD-2019-8383

Malware in sbrugna...

CVE-2024-9692

VIMESA VHF/FM Transmitter Blue Plus is suffering from a Denial-of-Service DoS vulnerability. An unauthenticated attacker can issue an unauthorized HTTP GET request to the unprotected endpoint 'doreboot' and restart the transmitter operations...

CVE-2024-39760

Multiple OS command injection vulnerabilities exist in the login.cgi setsysinit functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities.A comman...

CVE-2024-39363

Mode C: TALOS identifies CVE-2024-39363 as a persistent XSS in Wavlink AC3000 login.cgi set_lang_CountryCode(), affecting version M33A8.V5030.210505. An unauthenticated HTTP request can trigger a stored XSS, enabling information disclosure and potential session/cookie exposure, with risk to admin...