Lucene search

K
WavlinkWl-wn533a8 Firmware

62 matches found

CVE
CVE
added 2025/01/14 3:15 p.m.34 views

CVE-2024-39782

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command ...

9.1CVSS7.9AI score0.00278EPSS
CVE
CVE
added 2025/01/14 3:15 p.m.34 views

CVE-2024-39800

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnera...

9.1CVSS7.5AI score0.01053EPSS
CVE
CVE
added 2025/01/14 3:15 p.m.34 views

CVE-2024-39802

Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer ove...

9.1CVSS7.4AI score0.00116EPSS
CVE
CVE
added 2025/01/14 3:15 p.m.33 views

CVE-2024-34166

An os command injection vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of HTTP requests can lead to arbitrary code execution. An attacker can send an HTTP request to trigger this vulnerability.

10CVSS8AI score0.01383EPSS
CVE
CVE
added 2025/01/14 3:15 p.m.33 views

CVE-2024-39756

A buffer overflow vulnerability exists in the adm.cgi rep_as_router() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability.

9.1CVSS7.2AI score0.00162EPSS
CVE
CVE
added 2025/01/14 3:15 p.m.33 views

CVE-2024-39773

An information disclosure vulnerability exists in the testsave.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.

5.3CVSS6.4AI score0.00043EPSS
CVE
CVE
added 2025/01/14 3:15 p.m.33 views

CVE-2024-39790

Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration...

9.1CVSS7.1AI score0.00715EPSS
CVE
CVE
added 2025/01/14 3:15 p.m.33 views

CVE-2024-39795

Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configura...

9.1CVSS7.2AI score0.00535EPSS
CVE
CVE
added 2025/01/14 3:15 p.m.32 views

CVE-2024-39787

Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A directory traversal v...

9.1CVSS6.8AI score0.00248EPSS
CVE
CVE
added 2025/01/14 3:15 p.m.31 views

CVE-2024-36295

A command execution vulnerability exists in the qos.cgi qos_sta() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

9.1CVSS7.2AI score0.00991EPSS
CVE
CVE
added 2025/01/14 3:15 p.m.31 views

CVE-2024-39783

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command ...

9.1CVSS7.9AI score0.00278EPSS
CVE
CVE
added 2025/01/14 3:15 p.m.31 views

CVE-2024-39789

Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration...

9.1CVSS7.1AI score0.00715EPSS
Total number of security vulnerabilities62