CVE-2024-39760 | Wavlink AC3000 M33A8.V5030.210505 login.cgi set_sys_init restart_min_value command injection (TALOS-2024-2018)

Inserito da Angelo Barbosa | Gen 14, 2025 | CVE

A vulnerability, which was classified as very critical, was found in Wavlink AC3000 M33A8.V5030.210505. This affects the function set_sys_init of the file login.cgi. The manipulation of the argument restart_min_value leads to command injection.

This vulnerability is uniquely identified as CVE-2024-39760. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-39760 | Wavlink AC3000 M33A8.V5030.210505 login.cgi set_sys_init restart_min_value command injection (TALOS-2024-2018)

Post correlati

CVE-2023-33222 | IDEMIA SIGMA Lite & Lite + Contactless Card stack-based overflow

CVE-2023-6947 | FooGallery Plugin up to 2.4.16 on WordPress path traversal

CVE-2024-27311 | Zoho ManageEngine DDI Central up to 4001 unrestricted upload

CVE-2024-39392 | Adobe InDesign Desktop up to 18.5.2/19.3 heap-based overflow (apsb24-48)