A firmware update vulnerability exists in the fw_check.sh...
Critical severity
Unreviewed
Published
Jan 14, 2025
to the GitHub Advisory Database
•
Updated Jan 14, 2025
Description
Published by the National Vulnerability Database
Jan 14, 2025
Published to the GitHub Advisory Database
Jan 14, 2025
Last updated
Jan 14, 2025
A firmware update vulnerability exists in the fw_check.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary firmware update. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
References