Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-32548
HistoryAug 29, 2022 - 6:15 a.m.

CVE-2022-32548

2022-08-2906:15:09
CWE-120
[email protected]
web.nvd.nist.gov

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

55.6%

JSON

An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.

Affected configurations

NVD
Node
draytekvigor3910_firmwareRange<4.3.1.1
AND
draytekvigor3910Match-
Node
draytekvigor1000b_firmwareRange<4.3.1.1
AND
draytekvigor1000bMatch-
Node
draytekvigor2962_firmwareRange<4.3.1.1
AND
draytekvigor2962Match-
Node
draytekvigor2962p_firmwareRange<4.3.1.1
AND
draytekvigor2962pMatch-
Node
draytekvigor2927_firmwareRange<4.4.0
AND
draytekvigor2927Match-
Node
draytekvigor2927ax_firmwareRange<4.4.0
AND
draytekvigor2927axMatch-
Node
draytekvigor2927ac_firmwareRange<4.4.0
AND
draytekvigor2927acMatch-
Node
draytekvigor2927vac_firmwareRange<4.4.0
AND
draytekvigor2927vacMatch-
Node
draytekvigor2927l_firmwareRange<4.4.0
AND
draytekvigor2927lMatch-
Node
draytekvigor2927lac_firmwareRange<4.4.0
AND
draytekvigor2927lacMatch-
Node
draytekvigor2915_firmwareRange<4.3.3.2
AND
draytekvigor2915Match-
Node
draytekvigor2915ac_firmwareRange<4.3.3.2
AND
draytekvigor2915acMatch-
Node
draytekvigor2952_firmwareRange<3.9.7.2
AND
draytekvigor2952Match-
Node
draytekvigor2952p_firmwareRange<3.9.7.2
AND
draytekvigor2952pMatch-
Node
draytekvigor3220_firmwareRange<3.9.7.2
AND
draytekvigor3220Match-
Node
draytekvigor2926_firmwareRange<3.9.8.1
AND
draytekvigor2926Match-
Node
draytekvigor2926n_firmwareRange<3.9.8.1
AND
draytekvigor2926nMatch-
Node
draytekvigor2926ac_firmwareRange<3.9.8.1
AND
draytekvigor2926acMatch-
Node
draytekvigor2926vac_firmwareRange<3.9.8.1
AND
draytekvigor2926vacMatch-
Node
draytekvigor2926l_firmwareRange<3.9.8.1
AND
draytekvigor2926lMatch-
Node
draytekvigor2926ln_firmwareRange<3.9.8.1
AND
draytekvigor2926lnMatch-
Node
draytekvigor2926lac_firmwareRange<3.9.8.1
AND
draytekvigor2926lacMatch-
Node
draytekvigor2862_firmwareRange<3.9.8.1
AND
draytekvigor2862Match-
Node
draytekvigor2862n_firmwareRange<3.9.8.1
AND
draytekvigor2862nMatch-
Node
draytekvigor2862ac_firmwareRange<3.9.8.1
AND
draytekvigor2862acMatch-
Node
draytekvigor2862vac_firmwareRange<3.9.8.1
AND
draytekvigor2862vacMatch-
Node
draytekvigor2862b_firmwareRange<3.9.8.1
AND
draytekvigor2862bMatch-
Node
draytekvigor2862bn_firmwareRange<3.9.8.1
AND
draytekvigor2862bnMatch-
Node
draytekvigor2862l_firmwareRange<3.9.8.1
AND
draytekvigor2862lMatch-
Node
draytekvigor2862ln_firmwareRange<3.9.8.1
AND
draytekvigor2862lnMatch-
Node
draytekvigor2862lac_firmwareRange<3.9.8.1
AND
draytekvigor2862lacMatch-
Node
draytekvigor2620l_firmwareRange<3.9.8.1
AND
draytekvigor2620lMatch-
Node
draytekvigor2620ln_firmwareRange<3.9.8.1
AND
draytekvigor2620lnMatch-
Node
draytekvigorlte_200n_firmwareRange<3.9.8.1
AND
draytekvigorlte_200nMatch-
Node
draytekvigor2133_firmwareRange<3.9.6.4
AND
draytekvigor2133Match-
Node
draytekvigor2133n_firmwareRange<3.9.6.4
AND
draytekvigor2133nMatch-
Node
draytekvigor2133ac_firmwareRange<3.9.6.4
AND
draytekvigor2133acMatch-
Node
draytekvigor2133vac_firmwareRange<3.9.6.4
AND
draytekvigor2133vacMatch-
Node
draytekvigor2133fvac_firmwareRange<3.9.6.4
AND
draytekvigor2133fvacMatch-
Node
draytekvigor2762_firmwareRange<3.9.6.4
AND
draytekvigor2762Match-
Node
draytekvigor2762n_firmwareRange<3.9.6.4
AND
draytekvigor2762nMatch-
Node
draytekvigor2762ac_firmwareRange<3.9.6.4
AND
draytekvigor2762acMatch-
Node
draytekvigor2762vac_firmwareRange<3.9.6.4
AND
draytekvigor2762vacMatch-
Node
draytekvigor165_firmwareRange<4.2.4
AND
draytekvigor165Match-
Node
draytekvigor166_firmwareRange<4.2.4
AND
draytekvigor166Match-
Node
draytekvigor2135_firmwareRange<4.4.2
AND
draytekvigor2135Match-
Node
draytekvigor2135ac_firmwareRange<4.4.2
AND
draytekvigor2135acMatch-
Node
draytekvigor2135vac_firmwareRange<4.4.2
AND
draytekvigor2135vacMatch-
Node
draytekvigor2135fvac_firmwareRange<4.4.2
AND
draytekvigor2135fvacMatch-
Node
draytekvigor2765_firmwareRange<4.4.2
AND
draytekvigor2765Match-
Node
draytekvigor2765ac_firmwareRange<4.4.2
AND
draytekvigor2765acMatch-
Node
draytekvigor2765vac_firmwareRange<4.4.2
AND
draytekvigor2765vacMatch-
Node
draytekvigor2766_firmwareRange<4.4.2
AND
draytekvigor2766Match-
Node
draytekvigor2766ac_firmwareRange<4.4.2
AND
draytekvigor2766acMatch-
Node
draytekvigor2766vac_firmwareRange<4.4.2
AND
draytekvigor2766vacMatch-
Node
draytekvigor2832_firmwareRange<3.9.6
AND
draytekvigor2832Match-
Node
draytekvigor2865_firmwareRange<4.4.0
AND
draytekvigor2865Match-
Node
draytekvigor2865ax_firmwareRange<4.4.0
AND
draytekvigor2865axMatch-
Node
draytekvigor2865ac_firmwareRange<4.4.0
AND
draytekvigor2865acMatch-
Node
draytekvigor2865vac_firmwareRange<4.4.0
AND
draytekvigor2865vacMatch-
Node
draytekvigor2865l_firmwareRange<4.4.0
AND
draytekvigor2865lMatch-
Node
draytekvigor2865lac_firmwareRange<4.4.0
AND
draytekvigor2865lacMatch-
Node
draytekvigor2866_firmwareRange<4.4.0
AND
draytekvigor2866Match-
Node
draytekvigor2866ax_firmwareRange<4.4.0
AND
draytekvigor2866axMatch-
Node
draytekvigor2866ac_firmwareRange<4.4.0
AND
draytekvigor2866acMatch-
Node
draytekvigor2866vac_firmwareRange<4.4.0
AND
draytekvigor2866vacMatch-
Node
draytekvigor2866l_firmwareRange<4.4.0
AND
draytekvigor2866lMatch-
Node
draytekvigor2866lac_firmwareRange<4.4.0
AND
draytekvigor2866lacMatch-

Related

githubexploit 14
trellix 4
thn 1
checkpoint_advisories 1
prion 1
cvelist 1
cve 1
githubexploit
githubexploit
Exploit for Classic Buffer Overflow in Draytek Vigor3910 Firmware
2022-10-08 12:05:41
Exploit for Classic Buffer Overflow in Draytek Vigor3910 Firmware
2022-09-15 05:39:42
Exploit for Classic Buffer Overflow in Draytek Vigor3910 Firmware
2022-09-19 06:55:03
trellix
trellix
Unauthenticated Remote Code Execution in a Wide Range of DrayTek Vigor Routers
2022-08-03 00:00:00
Unauthenticated Remote Code Execution in a Wide Range of DrayTek Vigor Routers
2022-08-03 00:00:00
Small Business, Mighty Attack Surface
2022-08-03 00:00:00
thn
thn
Critical RCE Bug Could Let Hackers Remotely Take Over DrayTek Vigor Routers
2022-08-04 13:10:00
checkpoint_advisories
checkpoint_advisories
DrayTek Routers Buffer Overflow (CVE-2022-32548)
2022-08-16 00:00:00
prion
prion
Buffer overflow
2022-08-29 06:15:00
cvelist
cvelist
CVE-2022-32548
2022-08-29 05:38:35
cve
cve
CVE-2022-32548
2022-08-29 06:15:09

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

55.6%

JSON
Related for NVD:CVE-2022-32548
githubexploit14trellix4thn1checkpoint_advisories1prion1cvelist1cve1