209 matches found
CVE-2024-51247
Affects DrayTek Vigor3900 firmware, version 1.5.1.3. The vulnerability arises from lack of neutralization of special elements in the operating system command used by the doPPPo function in the mainfunction.cgi script, enabling a remote attacker to inject and execute arbitrary commands. Documented...
CVE-2024-51252
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the restore function...
CVE-2024-51245
In DrayTek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the renametable function...
CVE-2024-51247
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doPPPo function...
CVE-2024-51248
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the modifyrow function...
CVE-2024-51260
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acmeprocess function...
CVE-2024-51255
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequestcertificate function...
CVE-2024-51260
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acmeprocess function...
CVE-2024-51255
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequestcertificate function...
CVE-2024-51254
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the signcacertificate function...
CVE-2024-51254
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the signcacertificate function...
CVE-2024-51259
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the setupcacertificate function...
CVE-2024-51260
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acmeprocess function...
PT-2024-34583 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acme process function. This enables attackers to potentially gain...
PT-2024-34581 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into "mainfunction.cgi" and execute arbitrary commands by calling the setup cacertificate function. This enables attackers to potentially...
DrayTek Vigor 3900 安全漏洞
DrayTek Vigor 3900 is a high performance router for enterprise networks from China DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3. An attacker can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the signcacertificate...
PT-2024-34577 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into "mainfunction.cgi" and execute arbitrary commands by calling the sign cacertificate function. This is a command injection vulnerabilit...
CVE-2024-51254
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the signcacertificate function...
DrayTek Vigor 3900 安全漏洞
DrayTek Vigor 3900 is a high performance router for enterprise networks from China DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3. An attacker can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acmeprocess function...
CVE-2024-51255
CVE-2024-51255 affects DrayTek Vigor3900 firmware 1.5.1.3. The vulnerability allows an attacker to inject arbitrary commands into the web interface by invoking the ruequest_certificate function within mainfunction.cgi, with a CVSS v3.1 score of 9.8 (Network, Critical, no user interaction, high im...