CVE-2024-39788 [CRITICAL] :

Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists within the `ftp_name` POST parameter.

F-Secure Articles

blog
tips

Useful online security tips and articles. True cyber security combines advanced technology and best practice. Get tips and read articles on how to take your online security even further.

Visit Website

Listed: Wed May 08 2024