Description
Multiple buffer overflow vulnerabilities in Wavlink WL-WN575A3 RPT75A3.V4300, which are caused by not performing strict length checks on user-controlled data. By successfully exploiting the vulnerabilities, attackers can crash the remote devices or execute arbitrary commands without any authorization verification.
References (1)
Core 1
Core References
Exploit, Third Party Advisory
https://gist.github.com/XiaoCurry/87f3a4412c46fa9c27d2f723136920b8
Scores
CVSS v3
5.1
EPSS
0.0330
EPSS Percentile
87.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-120
Status
published
Products (1)
wavlink/wl-wn575a3_firmware
rpt75a3.v4300
Published
Feb 11, 2025
Tracked Since
Feb 18, 2026