Draytek Vigor3900, Vigor2960 and Vigor300B Buffer Overflow Vulnerability (CNVD-2020-29579)

DrayTek Vigor3900 and others are products of DrayTek Taiwan, China.DrayTek Vigor3900 is a broadband router/VPN gateway appliance.Vigor2960 is a load-balancing router and VPN gateway appliance.Vigor300B is a load-balancing router. A buffer overflow vulnerability exists in the /cgi-bin/activate.cgi...

Draytek Vigor3900, Vigor2960 and Vigor300B Buffer Overflow Vulnerability (CNVD-2020-29580)

DrayTek Vigor3900 and others are products of DrayTek Taiwan, China.DrayTek Vigor3900 is a broadband router/VPN gateway appliance.Vigor2960 is a load-balancing router and VPN gateway appliance.Vigor300B is a load-balancing router. A buffer overflow vulnerability exists in the /cgi-bin/activate.cgi...

Draytek Vigor3900, Vigor2960 and Vigor300B Operating System Command Injection Vulnerability

DrayTek Vigor3900 and others are products of DrayTek Taiwan, China.DrayTek Vigor3900 is a broadband router/VPN gateway appliance.Vigor2960 is a load-balancing router and VPN gateway appliance.Vigor300B is a load-balancing router. A security vulnerability exists in the /cgi-bin/activate.cgi file i...

Draytek Vigor3900, Vigor2960 and Vigor300B Buffer Overflow Vulnerability (CNVD-2020-29578)

DrayTek Vigor3900 and others are products of DrayTek Taiwan, China.DrayTek Vigor3900 is a broadband router/VPN gateway appliance.Vigor2960 is a load-balancing router and VPN gateway appliance.Vigor300B is a load-balancing router. A buffer overflow vulnerability exists in the /cgi-bin/activate.cgi...

CVE-2020-10826

/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode...

CVE-2020-10823

A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request issue 1 of 3...

CVE-2020-10824

A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request issue 2 of 3...

CVE-2020-10825

CVE-2020-10825 affects DrayTek Vigor3900, Vigor2960, and Vigor300B prior to firmware version 1.5.1. The issue is a stack-based buffer overflow in the /cgi-bin/activate.cgi endpoint during base64 decoding of the ticket parameter, which can enable remote code execution via a remote HTTP request. Th...

CVE-2020-10824

A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request issue 2 of 3...