Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:21
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authentica…
Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:21
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authentica…
Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:21
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authentica…
Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:21
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authentica…
Critical
CVSS: 10.0
Yayın: 2025-01-14 15:15:21
Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTT…
Critical
CVSS: 10.0
Yayın: 2025-01-14 15:15:21
Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTT…
Critical
CVSS: 10.0
Yayın: 2025-01-14 15:15:21
Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTT…
Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:20
A stack-based buffer overflow vulnerability exists in the wireless.cgi AddMac() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP r…
Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:20
A buffer overflow vulnerability exists in the adm.cgi rep_as_router() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to…
Critical
CVSS: 10.0
Yayın: 2025-01-14 15:15:20
A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead to root access. An attacker can send packets to trigger this vulnerability.
Critical
CVSS: 10.0
Yayın: 2025-01-14 15:15:20
A firmware update vulnerability exists in the login.cgi functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary firmware update. An attacker can send an unauthenticated message to trigger this vulner…
Critical
CVSS: 9.0
Yayın: 2025-01-14 15:15:20
A command execution vulnerability exists in the update_filter_url.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can perform a man-in-the-middle attack to t…
Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:20
A stack-based buffer overflow vulnerability exists in the wireless.cgi set_wifi_basic_mesh() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authent…
Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:19
An external config control vulnerability exists in the nas.cgi set_nas() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request…
Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:19
An arbitrary code execution vulnerability exists in the adm.cgi set_MeshAp() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated HTTP request…
Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:19
An os command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated…
Critical
CVSS: 9.6
Yayın: 2025-01-14 15:15:19
A cross-site scripting (xss) vulnerability exists in the login.cgi set_lang_CountryCode() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an…
Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:19
An os command injection vulnerability exists in the nas.cgi remove_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated HTTP request to…
Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:19
A stack-based buffer overflow vulnerability exists in the wireless.cgi DeleteMac() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTT…
Critical
CVSS: 9.1
Yayın: 2025-01-14 15:15:19
A buffer overflow vulnerability exists in the adm.cgi set_wzap() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigg…