DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities

DrayTek VigorACS SI /ACSServer/ We found that most of the VigorACS SI deployments are using the default http authentication settings acs/password. This is not so much a software vulnerability but more a configuration issue. 2.2 Unauthenticated arbitrary file read/write functionality via...

DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities

DrayTek VigorACS SI versions 1.3.0 and below suffer from local file inclusion, remote file upload, file write, and default login vulnerabilities. DrayTek VigorACS SI /ACSServer/ We found that most of the VigorACS SI deployments are using the default http authentication settings acs/password. This...