CVE-2024-39803

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Jan 14, 2025
CWE ID 120

Summary

CVE-2024-39803 covers multiple buffer overflow vulnerabilities in the `qos_settings()` functionality of `qos.cgi` on the Wavlink AC3000 M33A8. Vulnerable versions of this firmware contain a stack-based buffer overflow that can be triggered by a specially crafted HTTP request. An authenticated attacker can exploit the vulnerability by sending a malicious POST request with a long `sel_mode` parameter. Successful exploitation could lead to arbitrary code execution or a denial-of-service condition.
