CVE-2024-45885

DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to autodiscoveryclear...

CVE-2024-45885

DrayTek Vigor3900 firmware 1.5.1.3 contains a post-authentication command injection vulnerability triggered by the action parameter in cgi-bin/mainfunction.cgi when set to autodiscovery_clear. The issue is documented across multiple sources (NVD, Red Hat, CIRCL, CNNVD, CVE listings). The vulnerab...