2 matches found
CVE-2023-24229
Summary: CVE-2023-24229 affects DrayTek Vigor2960 (v1.5.1.4). An authenticated attacker with network access to the device’s web management interface can inject operating system commands through the mainfunction.cgi parameter, enabling arbitrary command execution. This vulnerability exists in a de...
CVE-2023-24229
DrayTek Vigor2960 v1.5.1.4 allows an authenticated attacker with network access to the web management interface to inject operating system commands via the mainfunction.cgi 'parameter' parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...