CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-48153

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the get_subconfig function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.3%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/tw11ty/CVE/blob/main/DrayTek/Vigor3900/Vigor3900%20command%20execution%20vulnerability.md

Products affected by CVE-2024-48153

Draytek » Vigor3900 » Version: N/A

cpe:2.3:h:draytek:vigor3900:-
Draytek » Vigor3900 Firmware » Version: 1.5.1.3

cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-48153

Products

Pricing

Contact Us