Lucene search
K

8 matches found

redhatcve
redhatcve
added 2025/05/22 7:6 p.m.9 views

CVE-2021-20123

A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges...

7.8CVSS6.9AI score0.74279EPSS
Exploits1References1
checkpoint_advisories
checkpoint_advisories
added 2021/11/11 12:0 a.m.18 views

Draytek VigorConnect Directory Traversal (CVE-2021-20123)

A directory traversal vulnerability exists in Draytek VigorConnect. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

7.8CVSS7.2AI score0.74279EPSS
Exploits1
nessus
nessus
added 2021/11/08 12:0 a.m.33 views

Draytek VigorConnect LFI (CVE-2021-20123)

Binary data draytekvigorconnectcve-2021-20123.nbin...

7.8CVSS7.7AI score0.74279EPSS
Exploits1References2
circl
circl
added 2021/10/13 8:26 p.m.20 views

CVE-2021-20123

creationtimestamp| type| source ---|---|--- 2021-10-13 20:26:56+00:00| seen| https://t.me/cibsecurity/30527 2024-09-03 18:10:02+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-10-03 12:45:41+00:00| seen| https://t.me/truesecator/6278 2025-02-23 02:10:58+00:00| seen|...

7.8CVSS7.4AI score0.74279EPSS
In wildExploits1References8
vulnrichment
vulnrichment
added 2021/10/13 3:47 p.m.26 views

CVE-2021-20123

A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges...

6.7AI score0.74279EPSS
Exploits1References1
cvelist
cvelist
added 2021/10/13 3:47 p.m.34 views

CVE-2021-20123

A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges...

7.7AI score0.74279EPSS
Exploits1References1
cve
cve
added 2021/10/13 3:47 p.m.214 views

CVE-2021-20123

Draytek VigorConnect 1.6.0-B3 exposes a local file inclusion flaw in the DownloadFileServlet, allowing an unauthenticated attacker to download arbitrary files from the host with root privileges. Affected component: DownloadFileServlet/file download functionality. Root-cause: LFI in the file downl...

7.8CVSS7.4AI score0.74279EPSS
In wildExploits1References2Affected Software1
attackerkb
attackerkb
added 2021/10/13 12:0 a.m.19 views

CVE-2021-20123

A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges...

7.8CVSS6.8AI score0.74279EPSS
In wildExploits1References2
Rows per page
Query Builder