Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2025/01/14 3:15 p.m.0 views

CVE-2024-39604

A command execution vulnerability exists in the updatefilterurl.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

8.1CVSS7.6AI score
Exploits0References2
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.1 views

WAVLINK AC3000 注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adm.cgi setTR069 function to correctly filter constructed command special characters, commands, etc. The...

9.1CVSS7.8AI score0.07859EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.1 views

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the failure of the gateway parameter of the internet.cgi setaddrouting function to correctly filter the construct command...

9.1CVSS7.8AI score0.00208EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/01/14 12:0 a.m.3 views

PT-2025-2558 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: Multiple buffer overflow vulnerabilities exist in the set qos functionality of internet.cgi. A specially crafted HTTP request can lead to a stack-based buffer overflow. An attacker can ma...

9.1CVSS7.5AI score0.00491EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2024/06/28 12:0 a.m.3 views

PT-2024-10139 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 versions M33A8.V5030.210505 Description: Multiple OS command injection vulnerabilities exist in the login.cgi set sys init functionality. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can ma...

10CVSS8.4AI score0.01231EPSS
Exploits1References8
OSV
OSVadded 2022/09/13 9:15 p.m.0 views

CVE-2022-40621

Because the WAVLINK Quantum D4G WN531G3 running firmware version M31G3.V5030.200325 and earlier communicates over HTTP and not HTTPS, and because the hashing mechanism does not rely on a server-supplied key, it is possible for an attacker with sufficient network access to capture the hashed...

7.5CVSS5.8AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2022/07/20 12:0 a.m.3 views

PT-2022-21982

Name of the Vulnerable Software and Affected Versions Wavlink WN530HG4 version M30HG4.V5030.191116 Description A hardcoded encryption/decryption key was found in the configuration files of the affected device, specifically at the /etc ro/lighttpd/www/cgi-bin/ExportAllSettings.sh location. This...

9.8CVSS6.4AI score0.42928EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2022/06/14 12:0 a.m.2 views

PT-2022-20683 · Wavlink · Wavlink Aerial X 1200M

Name of the Vulnerable Software and Affected Versions: WAVLINK AERIAL X 1200M version M79X3.V5030.180719 Description: The issue allows attackers to execute arbitrary commands via a crafted POST request to the adm.cgi endpoint. This is achieved by sending a specifically designed request to the...

10CVSS9.6AI score0.02725EPSS
Exploits1References3
Rows per page
Query Builder