CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-51254

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the sign_cacertificate function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.8%

CVSS Severity

CVSS v3 Score 8.8

References

https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf

Products affected by CVE-2024-51254

Draytek » Vigor3900 » Version: N/A

cpe:2.3:h:draytek:vigor3900:-
Draytek » Vigor3900 Firmware » Version: 1.5.1.3

cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-51254

Products

Pricing

Contact Us