CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

VulnCheck KEV•added 2025/08/22 12:0 a.m.•6 views

VulnCheck KEV: CVE-2024-45884

DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to setSWMGroup...

8CVSS5.8AI score0.00423EPSS

In wildExploits0References2

OSV•added 2024/11/04 3:15 p.m.•0 views

CVE-2024-45884

DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to setSWMGroup...

8CVSS5.8AI score

Exploits0References2

NVD•added 2024/11/04 3:15 p.m.•11 views

CVE-2024-45884

DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the action parameter in cgi-bin/mainfunction.cgi is set to setSWMGroup...

8CVSS0.00423EPSS

Exploits0References2

Positive Technologies•added 2024/11/04 12:0 a.m.•2 views

PT-2024-31835 · Draytek · Draytek Vigor3900

Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue is a post-authentication command injection problem. It occurs when the action parameter in the "cgi-bin/mainfunction.cgi" endpoint is set to setSWMGroup. This allows for potential comma...

8CVSS7.4AI score0.00423EPSS

Exploits0References6

CVE•added 2024/11/04 12:0 a.m.•52 views

CVE-2024-45884

DrayTek Vigor3900 firmware 1.5.1.3 is affected by a post-authentication command-injection vulnerability. The flaw occurs when the action parameter in /cgi-bin/mainfunction.cgi is set to setSWMGroup, allowing potentially arbitrary commands to be executed after authentication. CVSS v3.1: AV Adjacen...

8CVSS7.4AI score0.00423EPSS

In wildExploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by