CVE-2024-39963

AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution (RCE) vulnerability via the macFilterType parameter at /goform/setMacFilterCfg.
Configurations

No configuration.

History

21 Nov 2024, 09:28

Type Values Removed Values Added
References () https://gist.github.com/Swind1er/c8e4369c7fdfd750c8ad01a276105c57 - () https://gist.github.com/Swind1er/c8e4369c7fdfd750c8ad01a276105c57 -

01 Aug 2024, 13:56

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.0
CWE CWE-77

22 Jul 2024, 13:00

Type Values Removed Values Added
Summary
  • (es) Se descubrió que el enrutador AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 y AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 contenían una vulnerabilidad de ejecución remota de comandos (RCE) autenticada a través de el parámetro macFilterType en /goform/setMacFilterCfg.

19 Jul 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-19 15:15

Updated : 2024-11-21 09:28


NVD link : CVE-2024-39963

Mitre link : CVE-2024-39963

CVE.ORG link : CVE-2024-39963


JSON object : View

Products Affected

No product.

CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')