EUVD-2020-3229

Malware in sbrugna...

CVE-2024-12986

A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session...

CVE-2024-12986

A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session...

CVE-2024-12986

A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session...

CVE-2024-12987 DrayTek Vigor2960/Vigor300B Web Management Interface apmcfgupload os command injection

A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component Web Management Interface. The manipulation of the argument session leads to os command...

CVE-2024-12986 DrayTek Vigor2960/Vigor300B Web Management Interface apmcfgupptim os command injection

A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session...

CVE-2024-12986 DrayTek Vigor2960/Vigor300B Web Management Interface apmcfgupptim os command injection

A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session...

CVE-2024-12986

DrayTek Vigor2960/Vigor300B Web Management Interface (versions 1.5.1.3–1.5.1.4) contain a command-injection vulnerability in the /cgi-bin/mainfunction.cgi/apmcfgupptim endpoint where the session parameter is manipulated to achieve OS command execution. Exploitation can be remote and has been disc...

DrayTek Vigor300B和DrayTek Vigor2960 安全漏洞

DrayTek Vigor300B and DrayTek Vigor2960 are both products of China's DrayTek Corporation DrayTek.The Vigor300B is a load balancing router.The DrayTek Vigor2960 is a router... A security vulnerability exists in the DrayTek Vigor300B and DrayTek Vigor2960 version 1.5.1.4, which stems from a session...

DrayTek Vigor2960和Vigor300B 命令注入漏洞

DrayTek Vigor300B and DrayTek Vigor 2960 are both products of China DrayTek DrayTek.Vigor300B is a load balancing router.DrayTek Vigor 2960 is a Dual WAN broadband router/VPN gateway. A command injection vulnerability exists in the DrayTek Vigor 2960 and Vigor300B versions 1.5.1.3 through 1.5.1.4...

PT-2024-17849 · Draytek · Draytek Vigor2960 +1

Name of the Vulnerable Software and Affected Versions: DrayTek Vigor2960 and Vigor300B versions 1.5.1.3 through 1.5.1.4 Description: A critical issue has been found in the Web Management Interface component, affecting some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim. The...

CVE-2024-12987

A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component Web Management Interface. The manipulation of the argument session leads to os command...

VulnCheck KEV: CVE-2020-10828

A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request...

VulnCheck KEV: CVE-2020-10826

/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode...

DrayTek Vigor3900, Vigor2960, and Vigor300B OS Command Injection Vulnerabilities (CNVD-2020-51416)

DrayTek Vigor3900 and others are products of DrayTek Taiwan, China.DrayTek Vigor3900 is a broadband router/VPN gateway appliance.Vigor2960 is a load-balancing router and VPN gateway appliance.Vigor300B is a load-balancing router. An operating system command injection vulnerability exists in DrayT...

CVE-2020-15415

On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used, a different issue than CVE-2020-14472...

PT-2020-7000 · Draytek · Draytek Vigor2960 +2

Name of the Vulnerable Software and Affected Versions: Draytek Vigor3900 versions prior to 1.5.1.1 Draytek Vigor2960 versions prior to 1.5.1.1 Draytek Vigor300B versions prior to 1.5.1.1 Description: The issue concerns command-injection vulnerabilities in the mainfunction.cgi file of the affected...

Draytek Vigor3900, Vigor2960 and Vigor300B Operating System Command Injection Vulnerability

DrayTek Vigor3900 and others are products of DrayTek Taiwan, China.DrayTek Vigor3900 is a broadband router/VPN gateway appliance.Vigor2960 is a load-balancing router and VPN gateway appliance.Vigor300B is a load-balancing router. A security vulnerability exists in the /cgi-bin/activate.cgi file i...

Draytek Vigor3900, Vigor2960 and Vigor300B Buffer Overflow Vulnerability

DrayTek Vigor3900 and others are products of DrayTek Taiwan, China.DrayTek Vigor3900 is a broadband router/VPN gateway appliance.Vigor2960 is a load-balancing router and VPN gateway appliance.Vigor300B is a load-balancing router. A buffer overflow vulnerability exists in cvmd in Draytek Vigor3900...

Draytek Vigor3900, Vigor2960 and Vigor300B Buffer Overflow Vulnerability (CNVD-2020-29582)

DrayTek Vigor3900 and others are products of DrayTek Taiwan, China.DrayTek Vigor3900 is a broadband router/VPN gateway appliance.Vigor2960 is a load-balancing router and VPN gateway appliance.Vigor300B is a load-balancing router. A buffer overflow vulnerability exists in apmd in Draytek Vigor3900...