33 matches found
CVE-2024-48074
An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function...
DrayTek Vigor 3900 Security Vulnerability
DrayTek Vigor 3900 is a high-performance router for enterprise networks from China's DrayTek. A security vulnerability exists in DrayTek Vigor 3900 version 1.5.1.3. An attacker can exploit this vulnerability to inject malicious commands into mainfunction.cgi and execute arbitrary commands by...
PT-2024-31954 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.6. Description: The issue is a command injection vulnerability that allows attackers to execute arbitrary commands by supplying a crafted HTTP message. This is achieved through the sub_2C920 function at the...
A vulnerability in the cgi-bin/mainfunction.cgi/cvmcfgupload component of DrayTek Vigor firmware allows an attacker to execute arbitrary code.
The vulnerability in the cgi-bin/mainfunction.cgi/cvmcfgupload component of DrayTek Vigor routing software exists due to a failure to neutralize special elements used in an operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
PT-2024-8279 · Draytek · Draytek Vigor300B +2
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3; DrayTek Vigor 2960 (affected versions not specified); DrayTek Vigor 300B (affected versions not specified). Description: The issue is related to a post-authentication command injection. This occurs when the action...
PT-2024-8280 · Draytek · Draytek Vigor300B +2
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3; DrayTek Vigor 2960 (affected versions not specified); DrayTek Vigor 300B (affected versions not specified). Description: The issue is related to a command injection vulnerability in the doOpenVPN function of the...
PT-2024-30260 · Draytek · Draytek Vigor300B +2
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor 3900 versions prior to v1.5.1.5 Beta; DrayTek Vigor 2960 versions prior to v1.5.1.5 Beta; DrayTek Vigor 300B versions prior to v1.5.1.5 Beta. Description: A command injection vulnerability was discovered via the action parameter at...
CVE-2021-43118
A Remote Command Injection vulnerability exists in DrayTek Vigor 2960 1.5.1.3, DrayTek Vigor 3900 1.5.1.3, and DrayTek Vigor 300B 1.5.1.3 via a crafted HTTP message containing malformed QUERY STRING in mainfunction.cgi, which could let a remote malicious user execute arbitrary code...
CVE-2022-25084
TOTOLink T6 V5.9c.4085B20190428 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter...
PT-2020-6999 · Draytek · Draytek Vigor2960 +2
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor2960 versions prior to 1.5.1.1; DrayTek Vigor3900 versions prior to 1.5.1.1; DrayTek Vigor300B versions prior to 1.5.1.1. Description: The issue is related to a stack-based buffer overflow in the mainfunction.cgi script of the DrayT...
DrayTek Vigor Series Arbitrary Command Execution Vulnerability
The DrayTek Vigor300B is an enterprise-class router. The DrayTek Vigor300B cgi-bin/mainfunction.cgi URI fails to properly handle shell characters, which a remote attacker can exploit by submitting a special request to execute arbitrary commands with root privileges...
CVE-2020-8515
DrayTek Vigor2960 1.3.1Beta, Vigor3900 1.4.4Beta, and Vigor300B 1.3.3Beta, 1.4.2.1Beta, and 1.4.4Beta devices allow remote code execution as root without authentication via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1...
Kesion CMS KS_Editor/InsertFunctionfield.asp Injection Vulnerability
KS_Editor/InsertFunctionfield.asp ID = Trim(request("id")) Call Main() Call CloseConn() Sub Main() Set rs=Conn.Execute("select * from KS_Label where ID='" & ID & "'") Latest official version. None available yet...