CVE-2024-34544

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Jan 14, 2025

CWE ID 74

Summary

CVE-2024-34544 is a command injection vulnerability affecting the Wavlink AC3000 M33A8.V5030.210505 wireless access point. The issue lies within the AddMac() functionality of the wireless.cgi file. A maliciously crafted HTTP request can exploit this vulnerability, enabling an attacker to execute arbitrary commands on the system with authentication privileges. This flaw poses a significant risk, and it is recommended that affected devices be updated with the latest security patches to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wtL6IT
https://www.cve.org/CVERecord?id=CVE-2024-34544
https://nvd.nist.gov/vuln/detail/CVE-2024-34544

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2024-34544

CVSS 3.1 Score 9.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations