Draytek: >> Vigor3910 Firmware >> 3.9.6 Security Vulnerabilities
A Directory Traversal issue was discovered in process_post on Draytek Vigor3910 4.3.2.5 devices. When sending a certain POST request, it calls the function and exports information.
CVSS Score
7.5
EPSS Score
0.011
Published
2024-03-20
An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.
CVSS Score
10.0
EPSS Score
0.631
Published
2022-08-29
Page 3