Shodan
Vulnerabilities
Vulnerable Software
Draytek:  >> Vigor3900 Firmware  Security Vulnerabilities
CVE-2020-14993
A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi.
CVSS Score
9.8
EPSS Score
0.066
Published
2020-06-23
CVE-2020-10823
A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 1 of 3).
CVSS Score
9.8
EPSS Score
0.055
Published
2020-03-26
CVE-2020-10824
A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 2 of 3).
CVSS Score
9.8
EPSS Score
0.055
Published
2020-03-26
CVE-2020-10825
A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 3 of 3).
CVSS Score
9.8
EPSS Score
0.055
Published
2020-03-26
CVE-2020-10826
/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode.
CVSS Score
9.8
EPSS Score
0.615
Published
2020-03-26
CVE-2020-10827
A stack-based buffer overflow in apmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.
CVSS Score
9.8
EPSS Score
0.228
Published
2020-03-26
CVE-2020-10828
A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.
CVSS Score
9.8
EPSS Score
0.228
Published
2020-03-26
CVE-2020-8515
Known exploited
DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.
CVSS Score
9.8
EPSS Score
0.944
Published
2020-02-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved