Lucene search
K

The vulnerability of software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network lies in the lack of access control. This allows a malicious user to delete any files with root privileges.

🗓️ 23 Dec 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 5 Views

VigorConnect lacks access control, enabling remote deletion of root files on VigorAP, VigorSwitches.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
Circl
CVE-2021-20127
13 Oct 202120:26
circl
CNNVD
Draytek VigorConnect 访问控制错误漏洞
13 Oct 202100:00
cnnvd
CNVD
Draytek VigorConnect Arbitrary File Deletion Vulnerability
14 Oct 202100:00
cnvd
CVE
CVE-2021-20127
13 Oct 202115:49
cve
Cvelist
CVE-2021-20127
13 Oct 202115:49
cvelist
EUVD
EUVD-2021-7584
3 Oct 202520:07
euvd
NVD
CVE-2021-20127
13 Oct 202116:15
nvd
OSV
CVE-2021-20127
13 Oct 202116:15
osv
Prion
Arbitrary file deletion
13 Oct 202116:15
prion
RedhatCVE
CVE-2021-20127
22 May 202519:06
redhatcve
Rows per page
Vulners
Node
draytekvigorconnectMatch1.6.0-b3

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

23 Dec 2024 00:00Current
7.4High risk
Vulners AI Score7.4
CVSS 38.1
CVSS 28.5
EPSS0.01095
5