5 matches found
CVE-2024-41587
Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6...
DrayTek Vigor 3910 安全漏洞
DrayTek Vigor 3910 is a high performance router for enterprise networks from China DrayTek. A security vulnerability exists in the DrayTek Vigor 3910 version v4.3.2.6 that originates from a buffer overflow issue contained in the iProfileIdx parameter of the v2x00.cgi page. An attacker can cause a...
PT-2024-32037 · Draytek · Draytek Vigor 3910
Name of the Vulnerable Software and Affected Versions: Draytek Vigor 3910 version 4.3.2.6 Description: A buffer overflow was discovered in the pb parameter at the "v2x00.cgi" endpoint, allowing attackers to cause a Denial of Service DoS via a crafted input. Recommendations: For Draytek Vigor 3910...
PT-2024-32036 · Draytek · Draytek Vigor 3910
Name of the Vulnerable Software and Affected Versions: Draytek Vigor 3910 version 4.3.2.6 Description: A buffer overflow was discovered in the profname parameter at the "v2x00.cgi" endpoint. This issue allows attackers to cause a Denial of Service DoS via a crafted input. Recommendations: For...
PT-2024-7670 · Draytek · Draytek Vigor 3910
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3910 devices through 4.3.2.6 Description: The issue is an unauthenticated DOM-based reflected XSS. This occurs due to a lack of protection for the web page structure in the DrayTek Vigor router's web interface firmware...