Vulnerability Details CVE-2024-51300
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the get_rrd function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.9%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-51300
-
cpe:2.3:h:draytek:vigor3900:-
-
cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3