Security Links
Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists within the `restart_week_value` POST parameter.

The PC Security Channel

The PC Security Channel is your go to place for cybersecurity. We test security products and create some of the best educational content about malware and threat analysis and other infosec topics.

Visit Website
Listed: