201 matches found
CVE-2024-51255
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequestcertificate function...
CVE-2024-51259
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the setupcacertificate function...
CVE-2024-51254
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the signcacertificate function...
CVE-2024-51254
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the signcacertificate function...
CVE-2024-51255
CVE-2024-51255 affects DrayTek Vigor3900 firmware 1.5.1.3. The vulnerability allows an attacker to inject arbitrary commands into the web interface by invoking the ruequest_certificate function within mainfunction.cgi, with a CVSS v3.1 score of 9.8 (Network, Critical, no user interaction, high im...
CVE-2024-51259
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the setupcacertificate function...
CVE-2024-51259
CVE-2024-51259 affects DrayTek Vigor3900, version 1.5.1.3. The issue is a command-injection flaw in the CGI endpoint, allowing an attacker to inject commands into the mainfunction.cgi via the setup_cacertificate function, enabling arbitrary commands execution. The vulnerability carries a high imp...
DrayTek Vigor 3900 安全漏洞
DrayTek Vigor 3900 is a high performance router for enterprise networks from China DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3. An attacker can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acmeprocess function...
PT-2024-34578 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequest certificate function. Recommendations: For DrayTek Vigor3900...
CVE-2024-51254
DrayTek Vigor3900 firmware 1.5.1.3 is affected by a command-injection vulnerability in the mainfunction.cgi via the sign_cacertificate function. The issue allows an attacker to inject and execute arbitrary commands on affected devices. Multiple sources (NVD, Red Hat, CVE lists, and PT Security) c...
PT-2024-34581 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into "mainfunction.cgi" and execute arbitrary commands by calling the setup cacertificate function. This enables attackers to potentially...
CVE-2024-51255
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequestcertificate function...
CVE-2024-51254
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the signcacertificate function...
CVE-2024-51260
CVE-2024-51260 affects DrayTek Vigor3900, specifically version 1.5.1.3, where an attacker can inject commands into mainfunction.cgi and execute arbitrary commands via the acme_process function. The vulnerability enables remote code execution with network attack Vector, high impact on confidential...
DrayTek Vigor 3900 安全漏洞
DrayTek Vigor 3900 is a high-performance router for enterprise networks from China DrayTek DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3. An attacker can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the...
CVE-2024-51260
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acmeprocess function...
CVE-2024-51255
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequestcertificate function...
CVE-2024-51254
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the signcacertificate function...
CVE-2024-51260
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acmeprocess function...
PT-2024-34583 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acme process function. This enables attackers to potentially gain...