{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T04:07:22.894","vulnerabilities":[{"cve":{"id":"CVE-2024-39783","sourceIdentifier":"talos-cna@cisco.com","published":"2025-01-14T15:15:23.253","lastModified":"2025-11-03T22:17:08.787","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command injection vulnerability exists in the `restart_week` POST parameter."},{"lang":"es","value":"Existen múltiples vulnerabilidades de inyección de comandos del sistema operativo en la función sch_reboot() de adm.cgi de Wavlink AC3000 M33A8.V5030.210505. Una solicitud HTTP manipulada especialmente puede provocar la ejecución de un código arbitrario. Un atacante puede realizar una solicitud HTTP autenticada para activar estas vulnerabilidades. Existe una vulnerabilidad de inyección de comandos en el parámetro POST `restart_week`."}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:wavlink:wl-wn533a8_firmware:m33a8.v5030.210505:*:*:*:*:*:*:*","matchCriteriaId":"EC5E3005-3FAD-449B-A34F-AAD42FB82614"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:wavlink:wl-wn533a8:-:*:*:*:*:*:*:*","matchCriteriaId":"2536B2FD-9821-4A7C-9D42-D8E05A5CE330"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2024-2033","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2033","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}