CVE-2024-52963

CVSS 3.1 Score 3.7 of 10 (low)

Details

Published Jan 14, 2025

CWE ID 787

Summary

CVE-2024-21797 is a critical command execution vulnerability affecting the set_TR069() functionality within the adm.cgi file of Wavlink AC3000 M33A8.V5030.210505. Maliciously crafted HTTP requests can exploit this issue, granting attackers the ability to execute arbitrary commands on the targeted device. Successful exploitation of this vulnerability requires authenticated access to the affected system, posing a significant risk to organizations and individuals using this specific Wavlink model.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0p-m6S
https://www.cve.org/CVERecord?id=CVE-2024-52963
https://nvd.nist.gov/vuln/detail/CVE-2024-52963

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

Know What Matters

For Customers

For Partners

CVE-2024-52963

CVSS 3.1 Score 3.7 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations