Wl-wn533a8 Firmware CVEs and Security Vulnerabilities

Filtered by vendor Wavlink Subscriptions

Filtered by product Wl-wn533a8 Firmware Subscriptions

Search

Switch to Advanced Search (Beta)

Total 62 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-39803	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer overflow vulnerability exists in the `sel_mode` POST parameter.
CVE-2024-39802	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer overflow vulnerability exists in the `qos_dat` POST parameter.
CVE-2024-39801	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer overflow vulnerability exists in the `qos_bandwidth` POST parameter.
CVE-2024-39800	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `open_port` POST parameter.
CVE-2024-39799	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `sel_open_interface` POST parameter.
CVE-2024-39798	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `sel_open_protocol` POST parameter.
CVE-2024-39795	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `ftp_max_sessions` POST parameter.
CVE-2024-39794	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `ftp_port` POST parameter.
CVE-2024-39793	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `ftp_name` POST parameter.
CVE-2024-39790	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists within the `ftp_max_sessions` POST parameter.
CVE-2024-39789	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists within the `ftp_port` POST parameter.
CVE-2024-39788	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists within the `ftp_name` POST parameter.
CVE-2024-39787	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A directory traversal vulnerability exists within the `disk_part` POST parameter.
CVE-2024-39786	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A directory traversal vulnerability exists within the `adddir_name` POST parameter.
CVE-2024-39785	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple command execution vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists in the adddir_name POST parameter.
CVE-2024-39784	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple command execution vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists in the disk_part POST parameter.
CVE-2024-39783	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists in the `restart_week` POST parameter.
CVE-2024-39782	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists in the `restart_min` POST parameter.
CVE-2024-39781	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists in the `restart_hour` POST parameter.
CVE-2024-39770	1 Wavlink	2 Wl-wn533a8, Wl-wn533a8 Firmware	2025-11-03	9.1 Critical
Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability exists in the `en_enable` POST parameter.

Page 1 of 4. next last »