Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-01-14 CVE-2024-39795 Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-15
critical
 9.1
9.1
2025-01-14 CVE-2024-39798 Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-15
critical
 9.1
9.1
2025-01-14 CVE-2024-39799 Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-15
critical
 9.1
9.1
2025-01-14 CVE-2024-39800 Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-15
critical
 9.1
9.1
2025-01-14 CVE-2024-39801 Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-120
critical
 9.1
9.1
2025-01-14 CVE-2024-39802 Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-120
critical
 9.1
9.1
2025-01-14 CVE-2024-39803 Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505.
network
low complexity
CWE-120
critical
 9.1
9.1
2025-01-14 CVE-2023-42785 NULL Pointer Dereference vulnerability in Fortinet Fortios
A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request.
network
low complexity
fortinet CWE-476
6.5
6.5
2025-01-14 CVE-2023-42786 NULL Pointer Dereference vulnerability in Fortinet Fortios
A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request.
network
low complexity
fortinet CWE-476
6.5
6.5
2025-01-14 CVE-2024-11497 An authenticated attacker can use this vulnerability to perform a privilege escalation to gain root access.
network
low complexity
CWE-732
8.8
8.8