A command injection vulnerability exists in the wireless.cgi AddMac() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
References
Configurations
No configuration.
History
14 Jan 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Jan 2025, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-01-14 15:15
Updated : 2025-01-14 16:15
NVD link : CVE-2024-34544
Mitre link : CVE-2024-34544
CVE.ORG link : CVE-2024-34544
JSON object : View
Products Affected
No product.
CWE
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')