CRITICAL🇵🇱 Wersja polska

CVE-2024-36290

CVSS 10.0v3.1pub. 2025-01-14upd. 2025-08-21

A buffer overflow vulnerability exists in the login.cgi Goto_chidx() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.

🤖 AI Analysis
How it works

The vulnerability (CWE-120) results from the lack of proper validation of input data length in the Goto_chidx() function handled by the login.cgi script. The attacker sends a specially crafted HTTP request, which causes a stack-based buffer overflow. Since the vulnerability is available without authentication and the attack vector is network-based and does not require any user interaction or special privileges, it can be exploited remotely by anyone who has access to the device's interface.

Impact

Successful exploitation of the vulnerability may allow an attacker to execute arbitrary code (RCE) remotely on the device with full privileges, as well as lead to complete takeover of the router and loss of confidentiality, integrity, and availability of supported resources.

Mitigation & patch

Patches available from the manufacturer should be applied in accordance with the references. Until an update is applied, it is recommended to restrict access to the device's administrative panel only to trusted IP addresses and to disable exposure of the management interface to the public network (Internet).

Who is affected

Wavlink AC3000 (model WL-WN533A8), firmware version M33A8.V5030.210505

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Wavlink Wl Wn533a8

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wl Wn533a8 Firmware

    OS
    Wavlink
    m33a8.v5030.210505
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2024-21797CRITICAL9.1PL ✓ten sam produkt

Command injection w Wavlink AC3000 — wykonanie dowolnych poleceń przez adm.cgi

CVE-2024-34166CRITICAL10.0PL ✓ten sam produkt

Command injection w firmware Wavlink AC3000 — zdalne wykonanie kodu

CVE-2024-34544CRITICAL9.1PL ✓ten sam produkt

Command injection w Wavlink AC3000 – nieautoryzowane wykonanie poleceń

CVE-2024-36258CRITICAL10.0PL ✓ten sam produkt

Stack-based buffer overflow w Wavlink AC3000 umożliwia RCE przez HTTP

CVE-2024-36272CRITICAL9.1PL ✓ten sam produkt

Buffer overflow w Wavlink AC3000 — podatność w funkcji set_info() usbip.cgi