Stack-based Buffer Overflow in Wavlink AC3000 Product
CVE-2024-39359

Currently unrated

Key Information:

Vendor: Wavlink
Status: Wavlink AC3000 M33A8.V5030.210505
Vendor: CVE Published:; 14 January 2025

What is CVE-2024-39359?

A stack-based buffer overflow vulnerability in the wireless.cgi DeleteMac() functionality of Wavlink AC3000 M33A8.V5030.210505 allows for potential arbitrary command execution. By sending a specially crafted HTTP request, an authenticated attacker can exploit this weakness, potentially compromising system integrity and control.

References

https://talosintelligence.com/vulnerability_reports/TALOS...

https://www.talosintelligence.com/vulnerability_reports/T...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 14, 2025