CRITICAL🇵🇱 Wersja polska

CVE-2024-39760

CVSS 10.0v3.1pub. 2025-01-14upd. 2025-11-03

Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists within the `restart_min_value` POST parameter.

🤖 AI Analysis
How it works

The vulnerability is located in the set_sys_init() function of the login.cgi file handling HTTP requests. An attacker can send a specially crafted HTTP request containing a malicious payload in a POST parameter named restart_min_value. Data from this parameter is passed to the system command interpreter without proper validation or sanitization, resulting in execution of injected commands with the privileges of the process handling the request. The attack requires no authentication or user interaction.

Impact

An attacker gains the ability to remotely execute arbitrary system commands on the vulnerable device, which may lead to complete takeover of the router, leakage of configuration data (including credentials), modification of network settings, and exploitation of the device as an entry point to the local network.

Mitigation & patch

Patches available from the manufacturer should be applied in accordance with references. As temporary measures, it is recommended to restrict access to the device's administrative interface only to trusted IP addresses and to isolate the device from external networks using a firewall.

Who is affected

Wavlink AC3000 M33A8, firmware version V5030.210505 (products WL-WN533A8 / WL-WN533A8 Firmware)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Wavlink Wl Wn533a8

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wl Wn533a8 Firmware

    OS
    Wavlink
    m33a8.v5030.210505
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-21797CRITICAL9.1PL ✓ten sam produkt

Command injection w Wavlink AC3000 — wykonanie dowolnych poleceń przez adm.cgi

CVE-2024-34166CRITICAL10.0PL ✓ten sam produkt

Command injection w firmware Wavlink AC3000 — zdalne wykonanie kodu

CVE-2024-34544CRITICAL9.1PL ✓ten sam produkt

Command injection w Wavlink AC3000 – nieautoryzowane wykonanie poleceń

CVE-2024-36258CRITICAL10.0PL ✓ten sam produkt

Stack-based buffer overflow w Wavlink AC3000 umożliwia RCE przez HTTP

CVE-2024-36272CRITICAL9.1PL ✓ten sam produkt

Buffer overflow w Wavlink AC3000 — podatność w funkcji set_info() usbip.cgi