CVE-2024-39367 | Wavlink AC3000 M33A8.V5030.210505 firewall.cgi iptablesWebsFilterRun command injection (TALOS-2024-2023)

Posted by Angelo Barbosa | Jan 14, 2025 | CVE

A vulnerability classified as critical was found in Wavlink AC3000 M33A8.V5030.210505. Affected by this vulnerability is the function iptablesWebsFilterRun of the file firewall.cgi. The manipulation leads to command injection.

This vulnerability is known as CVE-2024-39367. The attack can be launched remotely. There is no exploit available.

CVE-2024-39367 | Wavlink AC3000 M33A8.V5030.210505 firewall.cgi iptablesWebsFilterRun command injection (TALOS-2024-2023)

Related Posts

CVE-2024-27345 | Kofax Power PDF PDF File Parser out-of-bounds

CVE-2024-29156 | OpenStack Murano up to 16.0.0 YAQL information disclosure

CVE-2024-2622 | Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 editemedia.php number/enterprise_uuid sql injection

CVE-2024-25398 | Srelay 0.4.8p3 Network denial of service