Wavlink

Wl-wn533a8 Firmware

62 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-39760

Exploit
  • EPSS 2.4%
  • Veröffentlicht 14.01.2025 15:15:21
  • Zuletzt bearbeitet 03.11.2025 22:17:07

Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTT...

7.2

CVE-2024-39757

Exploit
  • EPSS 1.36%
  • Veröffentlicht 14.01.2025 15:15:20
  • Zuletzt bearbeitet 21.08.2025 20:50:24

A stack-based buffer overflow vulnerability exists in the wireless.cgi AddMac() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP r...

7.2

CVE-2024-39756

Exploit
  • EPSS 0.48%
  • Veröffentlicht 14.01.2025 15:15:20
  • Zuletzt bearbeitet 21.08.2025 20:50:32

A buffer overflow vulnerability exists in the adm.cgi rep_as_router() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to ...

9.8

CVE-2024-39754

Exploit
  • EPSS 0.27%
  • Veröffentlicht 14.01.2025 15:15:20
  • Zuletzt bearbeitet 21.08.2025 20:38:12

A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead to root access. An attacker can send packets to trigger this vulnerability.

9.8

CVE-2024-39608

Exploit
  • EPSS 0.13%
  • Veröffentlicht 14.01.2025 15:15:20
  • Zuletzt bearbeitet 21.08.2025 20:38:20

A firmware update vulnerability exists in the login.cgi functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary firmware update. An attacker can send an unauthenticated message to trigger this vulner...

8.1

CVE-2024-39604

Exploit
  • EPSS 0.89%
  • Veröffentlicht 14.01.2025 15:15:20
  • Zuletzt bearbeitet 21.08.2025 20:38:33

A command execution vulnerability exists in the update_filter_url.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can perform a man-in-the-middle attack to t...

7.2

CVE-2024-39603

Exploit
  • EPSS 1.36%
  • Veröffentlicht 14.01.2025 15:15:20
  • Zuletzt bearbeitet 21.08.2025 20:38:41

A stack-based buffer overflow vulnerability exists in the wireless.cgi set_wifi_basic_mesh() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authent...

9.1

CVE-2024-39602

Exploit
  • EPSS 1.23%
  • Veröffentlicht 14.01.2025 15:15:19
  • Zuletzt bearbeitet 21.08.2025 17:23:57

An external config control vulnerability exists in the nas.cgi set_nas() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request ...

7.2

CVE-2024-39370

Exploit
  • EPSS 1.34%
  • Veröffentlicht 14.01.2025 15:15:19
  • Zuletzt bearbeitet 21.08.2025 17:43:30

An arbitrary code execution vulnerability exists in the adm.cgi set_MeshAp() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated HTTP request...

7.2

CVE-2024-39367

Exploit
  • EPSS 1.3%
  • Veröffentlicht 14.01.2025 15:15:19
  • Zuletzt bearbeitet 21.08.2025 17:46:32

An os command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated ...