Wavlink Wl-wn533a8 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Wavlink Wl-wn533a8 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (63)
CVE-2024-39759 — CVSS 10.0 (critical): Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-36290 — CVSS 10.0 (critical): A buffer overflow vulnerability exists in the login.cgi Goto_chidx() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-39761 — CVSS 10.0 (critical): Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39760 — CVSS 10.0 (critical): Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39608 — CVSS 10.0 (critical): A firmware update vulnerability exists in the login.cgi functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP…
CVE-2024-39754 — CVSS 10.0 (critical): A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network…
CVE-2024-34166 — CVSS 10.0 (critical): An os command injection vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505…
CVE-2024-36258 — CVSS 10.0 (critical): A stack-based buffer overflow vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000…
CVE-2024-39363 — CVSS 9.6 (critical): A cross-site scripting (xss) vulnerability exists in the login.cgi set_lang_CountryCode() functionality of Wavlink AC3000…
CVE-2024-38666 — CVSS 9.1 (critical): An external config control vulnerability exists in the openvpn.cgi openvpn_client_setup() functionality of Wavlink AC3000…
CVE-2024-39280 — CVSS 9.1 (critical): An external config control vulnerability exists in the nas.cgi set_smb_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39288 — CVSS 9.1 (critical): A buffer overflow vulnerability exists in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39294 — CVSS 9.1 (critical): A buffer overflow vulnerability exists in the adm.cgi set_wzdgw4G() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted…
CVE-2024-39299 — CVSS 9.1 (critical): A buffer overflow vulnerability exists in the qos.cgi qos_sta_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-39357 — CVSS 9.1 (critical): A stack-based buffer overflow vulnerability exists in the wireless.cgi SetName() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39358 — CVSS 9.1 (critical): A buffer overflow vulnerability exists in the adm.cgi set_wzap() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted…
CVE-2024-39359 — CVSS 9.1 (critical): A stack-based buffer overflow vulnerability exists in the wireless.cgi DeleteMac() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39360 — CVSS 9.1 (critical): An os command injection vulnerability exists in the nas.cgi remove_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-39367 — CVSS 9.1 (critical): An os command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun() functionality of Wavlink AC3000…
CVE-2024-39370 — CVSS 9.1 (critical): An arbitrary code execution vulnerability exists in the adm.cgi set_MeshAp() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39602 — CVSS 9.1 (critical): An external config control vulnerability exists in the nas.cgi set_nas() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-39603 — CVSS 9.1 (critical): A stack-based buffer overflow vulnerability exists in the wireless.cgi set_wifi_basic_mesh() functionality of Wavlink AC3000…
CVE-2024-39756 — CVSS 9.1 (critical): A buffer overflow vulnerability exists in the adm.cgi rep_as_router() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-39757 — CVSS 9.1 (critical): A stack-based buffer overflow vulnerability exists in the wireless.cgi AddMac() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39803 — CVSS 9.1 (critical): Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-21797 — CVSS 9.1 (critical): A command execution vulnerability exists in the adm.cgi set_TR069() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted…
CVE-2024-34544 — CVSS 9.1 (critical): A command injection vulnerability exists in the wireless.cgi AddMac() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-36272 — CVSS 9.1 (critical): A buffer overflow vulnerability exists in the usbip.cgi set_info() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted…
CVE-2024-36295 — CVSS 9.1 (critical): A command execution vulnerability exists in the qos.cgi qos_sta() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted…
CVE-2024-36493 — CVSS 9.1 (critical): A stack-based buffer overflow vulnerability exists in the wireless.cgi set_wifi_basic() functionality of Wavlink AC3000 M33A8.V5030.210505…
CVE-2024-37184 — CVSS 9.1 (critical): A buffer overflow vulnerability exists in the adm.cgi rep_as_bridge() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-37186 — CVSS 9.1 (critical): An os command injection vulnerability exists in the adm.cgi set_ledonoff() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-37357 — CVSS 9.1 (critical): A buffer overflow vulnerability exists in the adm.cgi set_TR069() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted…
CVE-2024-39799 — CVSS 9.1 (critical): Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000…
CVE-2024-39800 — CVSS 9.1 (critical): Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000…
CVE-2024-39801 — CVSS 9.1 (critical): Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39802 — CVSS 9.1 (critical): Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39762 — CVSS 9.1 (critical): Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000…
CVE-2024-39763 — CVSS 9.1 (critical): Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000…
CVE-2024-39764 — CVSS 9.1 (critical): Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000…
CVE-2024-39765 — CVSS 9.1 (critical): Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000…
CVE-2024-39768 — CVSS 9.1 (critical): Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39769 — CVSS 9.1 (critical): Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39770 — CVSS 9.1 (critical): Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39774 — CVSS 9.1 (critical): A buffer overflow vulnerability exists in the adm.cgi set_sys_adm() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted…
CVE-2024-39781 — CVSS 9.1 (critical): Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39782 — CVSS 9.1 (critical): Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39783 — CVSS 9.1 (critical): Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39784 — CVSS 9.1 (critical): Multiple command execution vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-39785 — CVSS 9.1 (critical): Multiple command execution vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-39786 — CVSS 9.1 (critical): Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-39787 — CVSS 9.1 (critical): Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-39788 — CVSS 9.1 (critical): Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39789 — CVSS 9.1 (critical): Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39790 — CVSS 9.1 (critical): Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A…
CVE-2024-39793 — CVSS 9.1 (critical): Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505…
CVE-2024-39794 — CVSS 9.1 (critical): Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505…
CVE-2024-39795 — CVSS 9.1 (critical): Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505…
CVE-2024-39798 — CVSS 9.1 (critical): Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000…
CVE-2024-39604 — CVSS 9.0 (critical): A command execution vulnerability exists in the update_filter_url.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially…
CVE-2024-39273 — CVSS 9.0 (critical): A firmware update vulnerability exists in the fw_check.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP…
CVE-2022-48164 — CVSS 7.5 (high): An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers…
CVE-2024-39773 — CVSS 5.3 (medium): An information disclosure vulnerability exists in the testsave.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted…