CVE-2024-39759 | Wavlink AC3000 M33A8.V5030.210505 login.cgi set_sys_init restart_hour_value command injection (TALOS-2024-2018)

Posted by Angelo Barbosa | Jan 14, 2025 | CVE

A vulnerability was found in Wavlink AC3000 M33A8.V5030.210505 and classified as very critical. This issue affects the function set_sys_init of the file login.cgi. The manipulation of the argument restart_hour_value leads to command injection.

The identification of this vulnerability is CVE-2024-39759. The attack may be initiated remotely. There is no exploit available.

CVE-2024-39759 | Wavlink AC3000 M33A8.V5030.210505 login.cgi set_sys_init restart_hour_value command injection (TALOS-2024-2018)

Related Posts

CVE-2024-27820 | Apple watchOS Web Contents memory corruption

CVE-2022-49039 | Synology Drive Client prior 3.5.0-16084 Backup Task Management out-of-bounds write (SA_24_10)

CVE-2024-26261 | HGiga OAKlouds path traversal

CVE-2024-52460 | AtaraPay WooCommerce Payment Gateway Plugin up to 2.0.13 on WordPress cross site scripting