CVE-2024-39273

CriticalPublic PoC

Published: 14 January 2025

Published

14 January 2025

Modified

21 August 2025

KEV Added

—

Patch

—

CVSS Score 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

EPSS Score 0.0031 54.5th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-39273 is a critical-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Wavlink Wl-Wn533A8 Firmware. Its CVSS base score is 9.0 (Critical).

Operationally, ranked in the top 45.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 CM-5 (Access Restrictions for Change) and SC-8 (Transmission Confidentiality and Integrity).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

CM-5 Access Restrictions for Change good match

prevent

Restricts access to firmware update mechanisms to authorized personnel, directly preventing unauthenticated arbitrary firmware updates.

SC-8 Transmission Confidentiality and Integrity good match

prevent

Ensures confidentiality and integrity of firmware update transmissions, mitigating man-in-the-middle exploitation of HTTP traffic.

SI-7 Software, Firmware, and Information Integrity good match

detect

Monitors and verifies firmware integrity to detect unauthorized changes from malicious firmware installations.

NVD Description

A firmware update vulnerability exists in the fw_check.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary firmware update. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.

Deeper analysisAI

CVE-2024-39273 is a firmware update vulnerability in the fw_check.sh functionality of the Wavlink AC3000 router running firmware version M33A8.V5030.210505. The issue allows a specially crafted HTTP request to enable arbitrary firmware updates, stemming from missing authentication for a critical function (CWE-306). It carries a CVSS v3.1 base score of 9.0 (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H), indicating critical severity with network accessibility, high attack complexity, no privileges or user interaction required, and scope change with high impacts across confidentiality, integrity, and availability.

An unauthenticated remote attacker can exploit this vulnerability via a man-in-the-middle (MITM) attack by intercepting and altering HTTP traffic to the device. Successful exploitation enables the attacker to perform arbitrary firmware updates, potentially allowing full device compromise, such as installing malicious firmware for persistent control or further network attacks.

Mitigation details are available in the Talos Intelligence advisory (TALOS-2024-2037) at https://talosintelligence.com/vulnerability_reports/TALOS-2024-2037.

Details

CWE(s): CWE-306

Affected Products

wavlink

wl-wn533a8 firmware

m33a8.v5030.210505

CVEs Like This One

CVE-2024-39608Same product: Wavlink Wl-Wn533A8

CVE-2024-36290Same product: Wavlink Wl-Wn533A8

CVE-2024-39781Same product: Wavlink Wl-Wn533A8

CVE-2024-39795Same product: Wavlink Wl-Wn533A8

CVE-2024-39798Same product: Wavlink Wl-Wn533A8

CVE-2024-39784Same product: Wavlink Wl-Wn533A8

CVE-2024-36493Same product: Wavlink Wl-Wn533A8

CVE-2024-36258Same product: Wavlink Wl-Wn533A8

CVE-2024-39757Same product: Wavlink Wl-Wn533A8

CVE-2024-38666Same product: Wavlink Wl-Wn533A8

References

https://talosintelligence.com/vulnerability_reports/TALOS-2024-2037
Exploit, Third Party Advisory · talos-cna@cisco.com
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2037
Exploit, Third Party Advisory · af854a3a-2127-422b-91ae-364da2661108