Stack-Based Buffer Overflow in Wavlink Wireless Router
CVE-2024-39357

Currently unrated

Key Information:

Vendor: Wavlink
Status: Wavlink AC3000 M33A8.V5030.210505
Vendor: CVE Published:; 14 January 2025

What is CVE-2024-39357?

A stack-based buffer overflow vulnerability has been identified in the SetName() functionality of Wavlink AC3000 M33A8.V5030.210505 routers. This vulnerability can be exploited via specially crafted HTTP requests, which could allow an attacker to execute arbitrary commands on the device. Successful exploitation requires authentication, making it essential for users and administrators to apply necessary patches and review security measures to mitigate potential risks associated with this vulnerability.

References

https://talosintelligence.com/vulnerability_reports/TALOS...

https://www.talosintelligence.com/vulnerability_reports/T...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 14, 2025