CVE-2024-51257

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function...

CVE-2024-51257

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function...

PT-2024-34579 · Draytek · Draytek Vigor3900

Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function. Recommendations: For DrayTek Vigor3900 version...

CVE-2024-51257

Vulnerable product: DrayTek Vigor3900 firmware 1.5.1.3. Issue: mainfunction.cgi accepts input via doCertificate, enabling attackers to inject commands and achieve arbitrary command execution. Root cause: insecure handling in the doCertificate path leading to remote code execution. Impact: high-se...

CVE-2024-51257

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function...

DrayTek Vigor 3900 安全漏洞

The DrayTek Vigor 3900 is a high performance router for enterprise networks from DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3, which can be exploited to inject commands into mainfunction.cgi and execute arbitrary code in the doCertificate function...

CVE-2024-51257

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function...