CVE-2024-39783
Published: 14 January 2025
Description
Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists in the `restart_week` POST parameter.
Security Summary
CVE-2024-39783 is a set of multiple OS command injection vulnerabilities in the adm.cgi sch_reboot() functionality of the Wavlink AC3000 router running firmware version M33A8.V5030.210505. A specifically crafted HTTP request targeting the restart_week POST parameter allows arbitrary code execution. The vulnerability is classified under CWE-77 with a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H), indicating critical severity due to its potential for high-impact network-based exploitation.
An authenticated attacker with high privileges (PR:H) can exploit this vulnerability by sending a malicious HTTP request to the affected device over the network. Successful exploitation grants arbitrary code execution with elevated scope (S:C), enabling full compromise of confidentiality, integrity, and availability (C:H/I:H/A:H) on the targeted router.
The primary advisory from Talos Intelligence (TALOS-2024-2033) documents these issues in detail, available at https://talosintelligence.com/vulnerability_reports/TALOS-2024-2033. Practitioners should consult this report for recommended mitigations, such as firmware updates if available or restricting administrative access.
Details
- CWE(s)