Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists within the `ftp_max_sessions` POST parameter.

Deep Instinct Blog


Deep Instinct's Deep Learning Blog keeps professionals up to date on news and trends in the sophisticated deep learning, AI and cybersecurity industries. As our experts uncover critical finders, we find it only necessary to keep you informed. From perspective on recent threats to best practices in security we cover it.

Listed: