CVE-2024-39273

CVSS 3.1 Score 9 of 10 (high)

Details

Published Jan 14, 2025

CWE ID 306

Summary

CVE-2024-39273 is a vulnerability affecting the fw_check.sh functionality in the firmware of Wavlink AC3000 M33A8, specifically version V5030.210505. This issue permits an attacker, through a maliciously crafted HTTP request, to execute arbitrary firmware updates. The threat actor can carry out this attack through a man-in-the-middle position, potentially resulting in significant security consequences.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wtLu6w
https://www.cve.org/CVERecord?id=CVE-2024-39273
https://nvd.nist.gov/vuln/detail/CVE-2024-39273

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

Know What Matters

For Customers

For Partners

CVE-2024-39273

CVSS 3.1 Score 9 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations