CVE-2024-39790

Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists within the `ftp_max_sessions` POST parameter.

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 2.3 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2024-2056	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:wavlink:wl-wn533a8_firmware:m33a8.v5030.210505:*:*:*:*:*:*:*

cpe:2.3:h:wavlink:wl-wn533a8:-:*:*:*:*:*:*:*

History

22 Aug 2025, 14:01

Type	Values Removed	Values Added
Summary		(es) Existen múltiples vulnerabilidades de control de configuración externa en la función set_ftp_cfg() de nas.cgi de Wavlink AC3000 M33A8.V5030.210505. Una solicitud HTTP manipulada especialmente puede provocar la omisión de permisos. Un atacante puede realizar una solicitud HTTP autenticada para activar estas vulnerabilidades. Existe una vulnerabilidad de inyección de configuración dentro del parámetro POST `ftp_max_sessions`.
CPE		cpe:2.3:o:wavlink:wl-wn533a8_firmware:m33a8.v5030.210505:::::::* cpe:2.3:h:wavlink:wl-wn533a8:-:::::::*
First Time		Wavlink wl-wn533a8 Firmware Wavlink wl-wn533a8 Wavlink
References	~~() https://talosintelligence.com/vulnerability_reports/TALOS-2024-2056 -~~	() https://talosintelligence.com/vulnerability_reports/TALOS-2024-2056 - Exploit, Third Party Advisory

14 Jan 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-14 15:15

Updated : 2025-08-22 14:01

NVD link : CVE-2024-39790

Mitre link : CVE-2024-39790

CVE.ORG link : CVE-2024-39790

JSON object : View

Products Affected

wavlink

wl-wn533a8_firmware
wl-wn533a8

CWE

CWE-15

External Control of System or Configuration Setting

{"id": "CVE-2024-39790", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.3}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2025-01-14T15:15:24.367", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2056", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-15"}]}], "descriptions": [{"lang": "en", "value": "Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists within the `ftp_max_sessions` POST parameter."}, {"lang": "es", "value": "Existen m\u00faltiples vulnerabilidades de control de configuraci\u00f3n externa en la funci\u00f3n set_ftp_cfg() de nas.cgi de Wavlink AC3000 M33A8.V5030.210505. Una solicitud HTTP manipulada especialmente puede provocar la omisi\u00f3n de permisos. Un atacante puede realizar una solicitud HTTP autenticada para activar estas vulnerabilidades. Existe una vulnerabilidad de inyecci\u00f3n de configuraci\u00f3n dentro del par\u00e1metro POST `ftp_max_sessions`."}], "lastModified": "2025-08-22T14:01:34.613", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:wavlink:wl-wn533a8_firmware:m33a8.v5030.210505:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC5E3005-3FAD-449B-A34F-AAD42FB82614"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:wavlink:wl-wn533a8:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2536B2FD-9821-4A7C-9D42-D8E05A5CE330"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "talos-cna@cisco.com"}