Draytek: >> Vigor2960 Firmware >> 1.5.1 Security Vulnerabilities
DrayTek Vigor 3900 before v1.5.1.5_Beta, DrayTek Vigor 2960 before v1.5.1.5_Beta and DrayTek Vigor 300B before v1.5.1.5_Beta were discovered to contain a command injection vulnerability via the action parameter at cgi-bin/mainfunction.cgi.
CVSS Score
8.0
EPSS Score
0.028
Published
2024-08-21
A Format String vulnerability exists in DrayTek Vigor 2960 <= 1.5.1.3, DrayTek Vigor 3900 <= 1.5.1.3, and DrayTek Vigor 300B <= 1.5.1.3 in the mainfunction.cgi file via a crafted HTTP message containing malformed QUERY STRING, which could let a remote malicious user execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.125
Published
2022-03-29
DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA action to mainfunction.cgi.
CVSS Score
8.8
EPSS Score
0.094
Published
2020-12-31
Stack-based buffer overflow vulnerability in Vigor3900, Vigor2960, and Vigor300B with firmware before 1.5.1.1.
CVSS Score
9.8
EPSS Score
0.009
Published
2020-06-24
On Draytek Vigor3900, Vigor2960, and Vigor 300B devices before 1.5.1.1, there are some command-injection vulnerabilities in the mainfunction.cgi file.
CVSS Score
9.8
EPSS Score
0.011
Published
2020-06-24
A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi.
CVSS Score
9.8
EPSS Score
0.066
Published
2020-06-23