GHSA-qxxc-5wx2-mh2q
GitHub Security Advisory
⚠ Unreviewed
CRITICAL
Has CVE
Advisory Details
Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A directory traversal vulnerability exists within the `disk_part` POST parameter.
Related CVEs
Key Information
9.0
/10
Dataset
Last updated: July 7, 2025 6:28 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.