CRITICAL🇵🇱 Wersja polska

CVE-2024-34166

CVSS 10.0v3.1pub. 2025-01-14upd. 2025-08-21

An os command injection vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of HTTP requests can lead to arbitrary code execution. An attacker can send an HTTP request to trigger this vulnerability.

🤖 AI Analysis
How it works

The vulnerability exists in the CGI file 'touchlist_sync.cgi', specifically in the 'touchlistsync()' function. By sending a specially crafted HTTP request (or series of such requests), an attacker is able to inject malicious system commands into the call handled by this function. The lack of proper validation and sanitization of input data causes the supplied data to be interpreted and executed directly by the device's operating system.

Impact

An attacker can gain the ability to remotely execute arbitrary code without authentication (RCE) on the vulnerable device, which in practice means complete takeover of the router — including modification of network configuration, interception of network traffic, and use of the device as an entry point for further network penetration.

Mitigation & patch

Patches available from the manufacturer should be applied according to the references. It is also recommended to restrict access to the device management interface exclusively to trusted hosts and to isolate the device from the public Internet until the update is deployed.

Who is affected

Wavlink AC3000, model WL-WN533A8, firmware version M33A8.V5030.210505

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Wavlink Wl Wn533a8

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wl Wn533a8 Firmware

    OS
    Wavlink
    m33a8.v5030.210505
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-21797CRITICAL9.1PL ✓ten sam produkt

Command injection w Wavlink AC3000 — wykonanie dowolnych poleceń przez adm.cgi

CVE-2024-34544CRITICAL9.1PL ✓ten sam produkt

Command injection w Wavlink AC3000 – nieautoryzowane wykonanie poleceń

CVE-2024-36258CRITICAL10.0PL ✓ten sam produkt

Stack-based buffer overflow w Wavlink AC3000 umożliwia RCE przez HTTP

CVE-2024-36272CRITICAL9.1PL ✓ten sam produkt

Buffer overflow w Wavlink AC3000 — podatność w funkcji set_info() usbip.cgi

CVE-2024-36290CRITICAL10.0PL ✓ten sam produkt

Buffer overflow w Wavlink AC3000 — podatność w login.cgi (Goto_chidx)