CVE-2024-39280
Published: 14 January 2025
Description
An external config control vulnerability exists in the nas.cgi set_smb_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Security Summary
CVE-2024-39280 is an external config control vulnerability in the nas.cgi set_smb_cfg() functionality of the Wavlink AC3000 router running firmware version M33A8.V5030.210505. The issue allows a specially crafted HTTP request to lead to arbitrary command execution and is classified under CWE-15. It has a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H), indicating critical severity due to its network accessibility, low attack complexity, and potential for high impact across confidentiality, integrity, and availability with a changed scope.
An authenticated attacker with high privileges can exploit this vulnerability by sending a malicious HTTP request to the affected nas.cgi endpoint. Successful exploitation grants arbitrary command execution on the device, potentially allowing full compromise of the router's operating system and enabling further network pivoting or persistence.
Details on the vulnerability, including technical analysis and potential mitigations, are available in the Talos Intelligence advisory at https://talosintelligence.com/vulnerability_reports/TALOS-2024-2055.
Details
- CWE(s)