Vulnerability Details CVE-2024-45882
DrayTek Vigor3900 1.5.1.3 contains a command injection vulnerability. This vulnerability occurs when the `action` parameter in `cgi-bin/mainfunction.cgi` is set to `delete_map_profile.`
Exploit prediction scoring system (EPSS) score
EPSS Score 0.035
EPSS Ranking 86.9%
CVSS Severity
CVSS v3 Score 8.0
References
Products affected by CVE-2024-45882
-
cpe:2.3:h:draytek:vigor3900:-
-
cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3