CVE-2024-39773

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505

Description: An information disclosure issue exists in the testsave.sh functionality. A specially crafted HTTP request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this issue.

Recommendations: For version M33A8.V5030.210505, as a temporary workaround, consider disabling the testsave.sh function until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.