DrayTek Vigor 3900 安全漏洞

The DrayTek Vigor 3900 is a high-performance router for enterprise networks from China-based DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3, which can be exploited by an attacker to execute arbitrary commands by injecting malicious commands into mainfunction.cg...

CVE-2024-51245

CVE-2024-51245 affects DrayTek Vigor3900 1.5.1.3. Attackers can inject commands into the web-facing mainfunction.cgi and execute arbitrary code by invoking the rename_table function due to insufficient input validation. Public sources describe remote command execution as the outcome. Reported rem...

DrayTek Vigor 3900 安全漏洞

The DrayTek Vigor 3900 is a high-performance router for enterprise networks from China-based DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3, which can be exploited by an attacker to execute arbitrary commands by injecting malicious commands into mainfunction.cg...

The vulnerability of the client server MiCollab of the collaborative work platform MiCollab, as well as the virtual instance of the business solution MiVoice Business Solution Virtual Instance (MiVB SVI), allows a perpetrator to execute arbitrary commands.

The vulnerability of the client server of the collaborative work platform MiCollab, as well as the virtual instance of the business solution MiVoice Business Solution Virtual Instance MiVB SVI, is related to the failure to take measures to neutralize special elements. Exploiting this vulnerabilit...

The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform, related to insufficient validation of input data, allows a perpetrator to execute arbitrary commands.

The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform relates to the failure to implement measures to neutralize specific elements. Exploiting this vulnerability allows attackers to execute arbitrary commands...

CVE-2024-51260

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acmeprocess function...

CVE-2024-51254

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the signcacertificate function...

CVE-2024-51255

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequestcertificate function...

DrayTek Vigor 3900 安全漏洞

DrayTek Vigor 3900 is a high-performance router for enterprise networks from China DrayTek DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3. An attacker can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the...

DrayTek Vigor 3900 安全漏洞

DrayTek Vigor 3900 is a high-performance router for enterprise networks from China DrayTek DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3. An attacker can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the...

The vulnerability of the binary file recvCmd in DrayTek Vigor microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the binary file recvCmd in DrayTek Vigor microprogramming software exists due to the lack of measures taken to neutralize the special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using...

CVE-2024-51260

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acmeprocess function...

CVE-2024-51257

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function...

CVE-2024-51296

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the pingtrace function...

CVE-2024-51304

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ldapsearchdn function...

CVE-2024-51301

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the packetmonitor function...

PT-2024-34592 · Draytek · Draytek Vigor3900

Name of the Vulnerable Software and Affected Versions: Draytek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the packet monitor function. Recommendations: For Draytek Vigor3900 version...

CyberPanel 安全漏洞

CyberPanel is a web hosting control panel with built-in DNS and email servers by Usman Nasir, an individual developer. CyberPanel has a security vulnerability that originates from getresetstatus in dns/views.py that allows remote attackers to bypass authentication and execute arbitrary commands v...

CyberPanel 安全漏洞

CyberPanel is a web hosting control panel with built-in DNS and email servers by Usman Nasir, an individual developer. CyberPanel has a security vulnerability that originates from upgrademysqlstatus in databases/views.py that allows remote attackers to bypass authentication and execute arbitrary...

The vulnerability of the command-line interface of the microprogramming software for Cisco Analog Telephone Adapter (ATA) series 190 allows a perpetrator to execute arbitrary commands.

The vulnerability of the command-line interface of microprogramming software for Cisco Analog Telephone Adapter ATA series 190 devices exists due to the lack of measures taken to neutralize special elements used in the operating system’s command line. Exploiting this vulnerability allows an...