Reconnecting to live updates…

CVE-2024-39769: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wavlink Wavlink AC3000

Critical

VulnerabilityCVE-2024-39769cve cve-2024-39769 cwe-120

Published: Tue Jan 14 2025 (01/14/2025, 14:21:32 UTC)

Source: CVE Database V5

Vendor/Project: Wavlink

Product: Wavlink AC3000

Description

Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability exists in the `cli_mac` POST parameter.

Technical Details

Data Version: 5.2
Assigner Short Name: talos
Date Reserved: 2024-06-28T16:07:50.026Z
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 690929acfe7723195e0fd6cd

Added to database: 11/3/2025, 10:16:12 PM

Last updated: 11/3/2025, 10:17:43 PM

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by

Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Related Threats

CVE-2024-4032: Vulnerability in Python Software Foundation CPython

High

VulnerabilityMon Nov 03 2025

CVE-2024-40867: A remote attacker may be able to break out of Web Content sandbox in Apple iOS and iPadOS

High

VulnerabilityMon Nov 03 2025

CVE-2024-40866: Visiting a malicious website may lead to address bar spoofing in Apple macOS

Medium

VulnerabilityMon Nov 03 2025

CVE-2024-40855: A sandboxed app may be able to access sensitive user data in Apple macOS

Medium

VulnerabilityMon Nov 03 2025

CVE-2024-40851: An attacker with physical access may be able to access contact photos from the lock screen in Apple iOS and iPadOS

Low

VulnerabilityMon Nov 03 2025

Actions

Please log in to the Console to use AI analysis features.

External Links

NVD Database MITRE CVE Reference 1 Reference 2 Search on Google

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

CVE-2024-39769: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wavlink Wavlink AC3000

CVE-2024-39769: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wavlink Wavlink AC3000

Description

Technical Details

Community Reviews

Related Threats

CVE-2024-4032: Vulnerability in Python Software Foundation CPython

CVE-2024-40867: A remote attacker may be able to break out of Web Content sandbox in Apple iOS and iPadOS

CVE-2024-40866: Visiting a malicious website may lead to address bar spoofing in Apple macOS

CVE-2024-40855: A sandboxed app may be able to access sensitive user data in Apple macOS

CVE-2024-40851: An attacker with physical access may be able to access contact photos from the lock screen in Apple iOS and iPadOS

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility