CVE-2024-38894 Information

Description

WAVLINK WN551K1 found a command injection vulnerability through the IP parameter of /cgi-bin/touchlist_sync.cgi.

Reference

https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/Wavlink/WN551K1/touchlist_sync.cgi/README.md