Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple command execution vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists in the adddir_name POST parameter.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
输出中的特殊元素转义处理不恰当(注入)
Vulnerability Title
WAVLINK AC3000 注入漏洞
Vulnerability Description
WAVLINK AC3000是中国睿因(WAVLINK)公司的一个无线路由器。 WAVLINK AC3000 M33A8.V5030.210505版本存在注入漏洞,该漏洞源于包含多个命令执行漏洞。
CVSS Information
N/A
Vulnerability Type
N/A