CVE-2024-39360 | Wavlink AC3000 M33A8.V5030.210505 nas.cgi remove_dir command injection (TALOS-2024-2054)

Posted by Angelo Barbosa | Jan 14, 2025 | CVE

A vulnerability classified as critical has been found in Wavlink AC3000 M33A8.V5030.210505. Affected is the function remove_dir of the file nas.cgi. The manipulation leads to command injection.

This vulnerability is traded as CVE-2024-39360. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-39360 | Wavlink AC3000 M33A8.V5030.210505 nas.cgi remove_dir command injection (TALOS-2024-2054)

Related Posts

CVE-2024-7624 | Zephyr Project Manager Plugin up to 3.3.101 on WordPress improper authentication

CVE-2023-42829 | Apple macOS OpenSSH Privilege Escalation

CVE-2024-37699 | DataLife Engine up to 17.1 dboption sql injection

CVE-2022-49035 | Linux Kernel up to 6.0.7 s5p_cec buffer overflow