CVE-2024-48705 | Wavlink AC1200 M32A3_V1410_230602/M32A3_V1410_240222 adm.cgi set_sys_adm newpass command injection

Inserito da Angelo Barbosa | Set 2, 2025 | CVE

A vulnerability labeled as critical has been found in Wavlink AC1200 M32A3_V1410_230602/M32A3_V1410_240222. Impacted is the function set_sys_adm of the file adm.cgi. The manipulation of the argument newpass results in command injection.

This vulnerability is identified as CVE-2024-48705. The attack can be executed remotely. There is not any exploit available.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

CVE-2024-48705 | Wavlink AC1200 M32A3_V1410_230602/M32A3_V1410_240222 adm.cgi set_sys_adm newpass command injection

Post correlati

CVE-2025-22635 | Jyothis Joy Eventer Plugin up to 3.9.8 on WordPress cross site scripting

CVE-2024-40643 | laurent22 joplin up to 3.0.14 Tag cross site scripting

CVE-2024-3983 | WooCommerce Customers Manager Plugin up to 30.0 on WordPress cross-site request forgery

CVE-2025-4038 | code-projects Train Ticket Reservation System 1.0 reservation Name stack-based overflow