CVE-2024-39800 [CRITICAL] :

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `open_port` POST parameter.

Microsoft Security Blog

microsoft
windows

Expert coverage on security matters such as zero trust, identity and access management, threat protection, information protection, and security management.

Visit Website

Listed: Thu Nov 09 2023