Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `ftp_name` POST parameter.

Cybersecurity Jobs


CyberSecurityJobs.com is the No.1 platform for cyber security talent and employers to connect. Every month, thousands of job seekers benefit from our exclusive job posts and focused job search experience. Our employers gain access to an unrivaled audience of cyber security professionals providing them with high-quality applicants and filling vacancies fast.

Listed: