5.3

CVE-2024-39773

Exploit
An information disclosure vulnerability exists in the testsave.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WavlinkWl-wn533a8 Firmware Versionm33a8.v5030.210505
   WavlinkWl-wn533a8 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.08% 0.249
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
talos-cna@cisco.com 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.