CVE-2024-48705

{"id": "CVE-2024-48705", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 3.9}]}, "published": "2025-09-02T15:15:31.837", "references": [{"url": "http://wavlink.com", "tags": ["Product"], "source": "[email protected]"}, {"url": "https://github.com/L41KAA/CVE-2024-48705", "tags": ["Exploit"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "Wavlink AC1200 with firmware versions M32A3_V1410_230602 and M32A3_V1410_240222 are vulnerable to a post-authentication command injection while resetting the password. This vulnerability is specifically found within the \"set_sys_adm\" function of the \"adm.cgi\" binary, and is due to improper santization of the user provided \"newpass\" field"}], "lastModified": "2025-09-04T17:47:01.483", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:wavlink:wl-wn531p3_firmware:m32a3_v1410_230602:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4FC80B6-1C08-4203-8364-A36CE1D58EA1"}, {"criteria": "cpe:2.3:o:wavlink:wl-wn531p3_firmware:m32a3_v1410_240222:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BD54E31-8DF0-46CE-8957-8F65D4769132"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:wavlink:wl-wn531p3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2E0CBB75-43DC-4A5F-B4C7-8AE7B0C86E17"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}