8 matches found
CVE-2021-20123
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges...
Draytek VigorConnect Directory Traversal (CVE-2021-20123)
A directory traversal vulnerability exists in Draytek VigorConnect. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
Draytek VigorConnect LFI (CVE-2021-20123)
Binary data draytekvigorconnectcve-2021-20123.nbin...
CVE-2021-20123
creationtimestamp| type| source ---|---|--- 2021-10-13 20:26:56+00:00| seen| https://t.me/cibsecurity/30527 2024-09-03 18:10:02+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-10-03 12:45:41+00:00| seen| https://t.me/truesecator/6278 2025-02-23 02:10:58+00:00| seen|...
CVE-2021-20123
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges...
CVE-2021-20123
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges...
CVE-2021-20123
Draytek VigorConnect 1.6.0-B3 exposes a local file inclusion flaw in the DownloadFileServlet, allowing an unauthenticated attacker to download arbitrary files from the host with root privileges. Affected component: DownloadFileServlet/file download functionality. Root-cause: LFI in the file downl...
CVE-2021-20123
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges...