5 matches found
The vulnerability of the doPPPo function in the mainfunction.cgi script of the DrayTek Vigor 3900 router software allows a hacker to execute arbitrary commands.
The vulnerability of the doPPPo function in the mainfunction.cgi script of the DrayTek Vigor 3900 router software exists due to the failure to eliminate special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
DrayTek Vigor 3900 安全漏洞
The DrayTek Vigor 3900 is a high-performance router for enterprise networks from China-based DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3, which can be exploited by an attacker to execute arbitrary commands by injecting malicious commands into mainfunction.cg...
CVE-2024-51247
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doPPPo function...
CVE-2024-51247
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doPPPo function...
PT-2024-8828 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor 3900 version 1.5.1.3 Description: The issue exists due to the lack of neutralization of special elements used in the operating system command by the doPPPo function in the mainfunction.cgi script of the DrayTek Vigor 3900 router...