82 matches found
EUVD-2020-3229
Malware in sbrugna...
EUVD-2020-11567
Malware in sbrugna...
EUVD-2023-58510
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2024-48074
An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function...
CVE-2024-48074
An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function...
CVE-2023-24229
DrayTek Vigor2960 v1.5.1.4 allows an authenticated attacker with network access to the web management interface to inject operating system commands via the mainfunction.cgi 'parameter' parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2020-14993
A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi...
CVE-2020-19664
DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA action to mainfunction.cgi...
CVE-2024-12987
A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component Web Management Interface. The manipulation of the argument session leads to os command...
CVE-2024-12986
A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session...
CVE-2024-12986
A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session...
CVE-2024-12986
A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session...
CVE-2024-12987
CVE-2024-12987 affects DrayTek Vigor2960 and Vigor300B running firmware 1.5.1.4, where the Web Management Interface endpoint /cgi-bin/mainfunction.cgi/apmcfgupload processes the session parameter in an insecure way, enabling OS command injection. The issue is exploitable remotely and has public e...
CVE-2024-12987 DrayTek Vigor2960/Vigor300B Web Management Interface apmcfgupload os command injection
A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component Web Management Interface. The manipulation of the argument session leads to os command...
CVE-2024-12986 DrayTek Vigor2960/Vigor300B Web Management Interface apmcfgupptim os command injection
A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session...
CVE-2024-12986 DrayTek Vigor2960/Vigor300B Web Management Interface apmcfgupptim os command injection
A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session...
CVE-2024-12986
DrayTek Vigor2960/Vigor300B Web Management Interface (versions 1.5.1.3–1.5.1.4) contain a command-injection vulnerability in the /cgi-bin/mainfunction.cgi/apmcfgupptim endpoint where the session parameter is manipulated to achieve OS command execution. Exploitation can be remote and has been disc...
DrayTek Vigor300B和DrayTek Vigor2960 安全漏洞
DrayTek Vigor300B and DrayTek Vigor2960 are both products of China's DrayTek Corporation DrayTek.The Vigor300B is a load balancing router.The DrayTek Vigor2960 is a router... A security vulnerability exists in the DrayTek Vigor300B and DrayTek Vigor2960 version 1.5.1.4, which stems from a session...
DrayTek Vigor2960和Vigor300B 命令注入漏洞
DrayTek Vigor300B and DrayTek Vigor 2960 are both products of China DrayTek DrayTek.Vigor300B is a load balancing router.DrayTek Vigor 2960 is a Dual WAN broadband router/VPN gateway. A command injection vulnerability exists in the DrayTek Vigor 2960 and Vigor300B versions 1.5.1.3 through 1.5.1.4...
PT-2024-17849 · Draytek · Draytek Vigor2960 +1
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor2960 and Vigor300B versions 1.5.1.3 through 1.5.1.4 Description: A critical issue has been found in the Web Management Interface component, affecting some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim. The...