744 matches found
CVE-2024-45891
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to deletewlanprofile...
CVE-2024-45885
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to autodiscoveryclear...
CVE-2024-45889
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to commandTable...
CVE-2024-45889
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to commandTable...
CVE-2024-45887
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to doOpenVPN...
CVE-2024-45893
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to setSWMOption...
CVE-2024-45884
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to setSWMGroup...
CVE-2024-45884
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to setSWMGroup...
CVE-2024-45890
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to downloadovpn...
CVE-2024-45887
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to doOpenVPN...
CVE-2024-45890
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to downloadovpn...
CVE-2024-45887
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to doOpenVPN...
CVE-2024-45889
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to commandTable...
CVE-2024-45891
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to deletewlanprofile...
CVE-2024-45885
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to autodiscoveryclear...
PT-2024-31838 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue is a post-authentication command injection vulnerability. It occurs when the action parameter in the "cgi-bin/mainfunction.cgi" endpoint is set to commandTable. This vulnerability happe...
PT-2024-31841 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue is a post-authentication command injection vulnerability. This occurs when the action parameter in the "cgi-bin/mainfunction.cgi" endpoint is set to setSWMOption. Recommendations: For...
PT-2024-31835 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue is a post-authentication command injection problem. It occurs when the action parameter in the "cgi-bin/mainfunction.cgi" endpoint is set to setSWMGroup. This allows for potential comma...
CVE-2024-45884
DrayTek Vigor3900 firmware 1.5.1.3 is affected by a post-authentication command-injection vulnerability. The flaw occurs when the action parameter in /cgi-bin/mainfunction.cgi is set to setSWMGroup, allowing potentially arbitrary commands to be executed after authentication. CVSS v3.1: AV Adjacen...
CVE-2024-45893
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to setSWMOption...