CVE-2024-51259

CVE-2024-51259 affects DrayTek Vigor3900, version 1.5.1.3. The issue is a command-injection flaw in the CGI endpoint, allowing an attacker to inject commands into the mainfunction.cgi via the setup_cacertificate function, enabling arbitrary commands execution. The vulnerability carries a high imp...

CVE-2024-51259

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the setupcacertificate function...

PT-2024-34578 · Draytek · Draytek Vigor3900

Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequest certificate function. Recommendations: For DrayTek Vigor3900...

CVE-2024-51260

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acmeprocess function...

CVE-2024-51254

DrayTek Vigor3900 firmware 1.5.1.3 is affected by a command-injection vulnerability in the mainfunction.cgi via the sign_cacertificate function. The issue allows an attacker to inject and execute arbitrary commands on affected devices. Multiple sources (NVD, Red Hat, CVE lists, and PT Security) c...

CVE-2024-51255

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequestcertificate function...

CVE-2024-51260

CVE-2024-51260 affects DrayTek Vigor3900, specifically version 1.5.1.3, where an attacker can inject commands into mainfunction.cgi and execute arbitrary commands via the acme_process function. The vulnerability enables remote code execution with network attack Vector, high impact on confidential...

CVE-2024-51255

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequestcertificate function...

CVE-2024-51254

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the signcacertificate function...

DrayTek Vigor 3900 安全漏洞

DrayTek Vigor 3900 is a high-performance router for enterprise networks from China DrayTek DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3. An attacker can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the...

CVE-2024-51258

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doSSLTunnel function...

CVE-2024-51300

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the getrrd function...

CVE-2024-51296

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the pingtrace function...

CVE-2024-51301

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the packetmonitor function...

CVE-2024-51298

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doGRETunnel function...

CVE-2024-51257

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function...

CVE-2024-51298

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doGRETunnel function...

CVE-2024-51299

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the dumpSyslog function...

CVE-2024-51301

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the packetmonitor function...

CVE-2024-51300

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the getrrd function...