CVE-2024-39760 | Wavlink AC3000 M33A8.V5030.210505 login.cgi set_sys_init restart_min_value command injection (TALOS-2024-2018)

Inserito da Angelo Barbosa | Gen 14, 2025 | CVE

A vulnerability, which was classified as very critical, was found in Wavlink AC3000 M33A8.V5030.210505. This affects the function set_sys_init of the file login.cgi. The manipulation of the argument restart_min_value leads to command injection.

This vulnerability is uniquely identified as CVE-2024-39760. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-39760 | Wavlink AC3000 M33A8.V5030.210505 login.cgi set_sys_init restart_min_value command injection (TALOS-2024-2018)

Post correlati

CVE-2024-6126 | Red Hat Enterprise Linux 7/8/9 cockpit user_readenv resource consumption

CVE-2024-41803 | xibosignage xibo-cms up to 3.3.11/4.0.13 sql injection (GHSA-hpc5-mxfq-44hv)

CVE-2024-27847 | Apple macOS up to 17.4 App access control (HT214101)

CVE-2024-48839 | ABB ASPECT-Enterprise/NEXUS/MATRIX up to 3.08.02 code injection