CRITICAL🇵🇱 Wersja polska

CVE-2024-36258

CVSS 10.0v3.1pub. 2025-01-14upd. 2025-08-21

A stack-based buffer overflow vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send an HTTP request to trigger this vulnerability.

🤖 AI Analysis
How it works

The vulnerability is located in the CGI script 'touchlist_sync.cgi', specifically in the 'touchlistsync()' function. The attacker sends a specially crafted HTTP request containing data that exceeds the stack buffer size. Stack overflow enables overwriting the return address or other critical structures and taking control of the program execution flow, leading to arbitrary code execution (RCE).

Impact

An attacker can remotely execute arbitrary code on the device without any authentication, which in practice means complete takeover of the router, ability to modify network traffic, install a backdoor, or use the device as a launching point for further attacks on the network.

Mitigation & patch

Apply patches available from the manufacturer according to references. If no update is available, it is recommended to isolate the device from the public network, disable remote management from the WAN side, and monitor network traffic directed to the management interface.

Who is affected

Wavlink AC3000 devices (WL-WN533A8 models) with firmware version M33A8.V5030.210505

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Wavlink Wl Wn533a8

    HW
    Wavlink
    wszystkie wersje
  • Wavlink Wl Wn533a8 Firmware

    OS
    Wavlink
    m33a8.v5030.210505
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2024-21797CRITICAL9.1PL ✓ten sam produkt

Command injection w Wavlink AC3000 — wykonanie dowolnych poleceń przez adm.cgi

CVE-2024-34166CRITICAL10.0PL ✓ten sam produkt

Command injection w firmware Wavlink AC3000 — zdalne wykonanie kodu

CVE-2024-34544CRITICAL9.1PL ✓ten sam produkt

Command injection w Wavlink AC3000 – nieautoryzowane wykonanie poleceń

CVE-2024-36272CRITICAL9.1PL ✓ten sam produkt

Buffer overflow w Wavlink AC3000 — podatność w funkcji set_info() usbip.cgi

CVE-2024-36290CRITICAL10.0PL ✓ten sam produkt

Buffer overflow w Wavlink AC3000 — podatność w login.cgi (Goto_chidx)