Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.1

    CRITICAL
    CVE-2024-39781

    Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Injection

  • 9.1

    CRITICAL
    CVE-2024-39774

    A buffer overflow vulnerability exists in the adm.cgi set_sys_adm() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2024-39773

    An information disclosure vulnerability exists in the testsave.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this ... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Information Disclosure

  • 9.1

    CRITICAL
    CVE-2024-39770

    Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request t... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Memory Corruption

  • 9.1

    CRITICAL
    CVE-2024-39769

    Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request t... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Memory Corruption

  • 9.1

    CRITICAL
    CVE-2024-39768

    Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request t... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Memory Corruption

  • 9.1

    CRITICAL
    CVE-2024-39765

    Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated H... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Injection

  • 9.1

    CRITICAL
    CVE-2024-39764

    Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated H... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Injection

  • 9.1

    CRITICAL
    CVE-2024-39763

    Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated H... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Injection

  • 9.1

    CRITICAL
    CVE-2024-39762

    Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated H... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2024-39761

    Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP req... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2024-39760

    Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP req... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2024-39759

    Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP req... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Injection

  • 9.1

    CRITICAL
    CVE-2024-39757

    A stack-based buffer overflow vulnerability exists in the wireless.cgi AddMac() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP reques... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 21, 2025
    • Vuln Type: Memory Corruption

  • 9.1

    CRITICAL
    CVE-2024-39756

    A buffer overflow vulnerability exists in the adm.cgi rep_as_router() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigg... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 21, 2025
    • Vuln Type: Memory Corruption

  • 10.0

    CRITICAL
    CVE-2024-39754

    A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead to root access. An attacker can send packets to trigger this vulnerability.... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 21, 2025
    • Vuln Type: Authentication

  • 10.0

    CRITICAL
    CVE-2024-39608

    A firmware update vulnerability exists in the login.cgi functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary firmware update. An attacker can send an unauthenticated message to trigger this vulnerabili... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 21, 2025
    • Vuln Type: Authentication

  • 9.0

    CRITICAL
    CVE-2024-39604

    A command execution vulnerability exists in the update_filter_url.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can perform a man-in-the-middle attack to trigge... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 21, 2025
    • Vuln Type: Injection

  • 9.1

    CRITICAL
    CVE-2024-39603

    A stack-based buffer overflow vulnerability exists in the wireless.cgi set_wifi_basic_mesh() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticate... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 21, 2025
    • Vuln Type: Memory Corruption

  • 9.1

    CRITICAL
    CVE-2024-39602

    An external config control vulnerability exists in the nas.cgi set_nas() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to tr... Read more

    Affected Products : wl-wn533a8_firmware wl-wn533a8
    • Published: Jan. 14, 2025
    • Modified: Aug. 21, 2025
    • Vuln Type: Authentication
Showing 20 of 291784 Results