A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead to root access. An attacker can send packets to trigger this vulnerability.
The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product’s users or administrators.