201 matches found
CVE-2024-51301
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the packetmonitor function...
PT-2024-34592 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: Draytek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the packet monitor function. Recommendations: For Draytek Vigor3900 version...
CVE-2024-51258
CVE-2024-51258 affects DrayTek Vigor3900 firmware version 1.5.1.3 . Vulnerability arises in the internal web endpoint mainfunction.cgi via the function doSSLTunnel , allowing an attacker to inject and execute arbitrary commands. The CVE's CVSS v3.1 metrics indicate a network-facilitated, low-priv...
CVE-2024-51299
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the dumpSyslog function...
DrayTek Vigor 3900 安全漏洞
The DrayTek Vigor 3900 is a high performance router for enterprise networks from DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3, which can be exploited to inject commands into mainfunction.cgi and execute arbitrary code in the pingtrace function...
CVE-2024-51257
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function...
PT-2024-34591 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: Draytek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the get rrd function. Recommendations: For Draytek Vigor3900 version 1.5.1....
PT-2024-34589 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: Draytek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the dumpSyslog function. Recommendations: For Draytek Vigor3900 version...
CVE-2024-51300
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the getrrd function...
CVE-2024-51299
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the dumpSyslog function...
CVE-2024-51296
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the pingtrace function...
CVE-2024-51298
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doGRETunnel function...
DrayTek Vigor 3900 安全漏洞
The DrayTek Vigor 3900 is a high performance router for enterprise networks from DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3, which can be exploited to inject commands into mainfunction.cgi and execute arbitrary code in the packetmonitor function...
PT-2024-34580 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doSSLTunnel function. Recommendations: For DrayTek Vigor3900 version...
DrayTek Vigor 3900 安全漏洞
The DrayTek Vigor 3900 is a high performance router for enterprise networks from DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3, which can be exploited to inject commands into mainfunction.cgi and execute arbitrary code in the dumpSyslog function...
PT-2024-34587 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: Draytek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the pingtrace function. Recommendations: For Draytek Vigor3900 version...
PT-2024-34588 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: Draytek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doGRETunnel function. Recommendations: For Draytek Vigor3900 version...
DrayTek Vigor 3900 安全漏洞
The DrayTek Vigor 3900 is a high performance router for enterprise networks from DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3, which can be exploited to inject commands into mainfunction.cgi and execute arbitrary code in the doSSLTunnel function...
CVE-2024-51296
CVE-2024-51296 affects DrayTek Vigor3900, version 1.5.1.3. The vulnerability stems from the ability to inject malicious commands into the web endpoint mainfunction.cgi and execute arbitrary commands by invoking the pingtrace function. The described impact is arbitrary command execution with high ...
CVE-2024-51299
CVE-2024-51299 affects Draytek Vigor3900, version 1.5.1.3. The flaw allows an attacker to inject commands into mainfunction.cgi and execute arbitrary commands via the dumpSyslog function. Documented impact is high (remote network attack with full system compromise) with CVSS v3.1: AV:N/AC:L/PR:L/...