Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.1

    CVSS31
    CVE-2024-39802

    Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request t... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39801

    Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request t... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39800

    Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authent... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39799

    Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authent... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39798

    Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authent... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39795

    Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request ... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39794

    Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request ... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39793

    Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request ... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39790

    Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to t... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39789

    Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to t... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39788

    Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to t... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39787

    Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger t... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39786

    Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger t... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39785

    Multiple command execution vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to t... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39784

    Multiple command execution vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to t... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39783

    Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39782

    Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39781

    Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39770

    Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request t... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025

  • 9.1

    CVSS31
    CVE-2024-39769

    Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request t... Read more

    Affected Products :
    • Published: Jan. 14, 2025
    • Modified: Jan. 14, 2025
Showing 20 of 702 Results
© cvefeed.io
Latest DB Update: Jan. 15, 2025 17:47