CVE-2024-39603

CRITICAL Year: 2024
CVSS v3 Score
9.1
Critical
Weakness Type
CWE-121
View all →

Vulnerability Description

A stack-based buffer overflow vulnerability exists in the wireless.cgi set_wifi_basic_mesh() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Related Vulnerabilities

CVE-2021-21887

CRITICAL
CVSS:9.1(Critical)

A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remot...

CWE-1212021

CVE-2021-21890

CRITICAL
CVSS:9.1(Critical)

A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote...

CWE-1212021

CVE-2021-21891

CRITICAL
CVSS:9.1(Critical)

A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote...

CWE-1212021

CVE-2022-26002

CRITICAL
CVSS:9.1(Critical)

A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An...

CWE-1212022

CVE-2024-20518

CRITICAL
CVSS:9.1(Critical)

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbi...

CWE-1212024

CVE-2024-20519

CRITICAL
CVSS:9.1(Critical)

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbi...

CWE-1212024