The vulnerability of the /cgi-bin/v2x00.cgi and /cgi-bin/cgiwcg.cgi web interfaces of DrayTek Vigor software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the /cgi-bin/v2x00.cgi and /cgi-bin/cgiwcg.cgi web interfaces of DrayTek Vigor microprogramming router software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...