9 matches found
CVE-2026-3040
A vulnerability was identified in DrayTek Vigor 300B up to 1.5.1.6. This affects the function cgiGetFile of the file /cgi-bin/mainfunction.cgi/uploadlangs of the component Web Management Interface. The manipulation of the argument File leads to os command injection. The attack may be initiated...
CVE-2026-3040
A vulnerability was identified in DrayTek Vigor 300B up to 1.5.1.6. This affects the function cgiGetFile of the file /cgi-bin/mainfunction.cgi/uploadlangs of the component Web Management Interface. The manipulation of the argument File leads to os command injection. The attack may be initiated...
CVE-2026-3040
A vulnerability was identified in DrayTek Vigor 300B up to 1.5.1.6. This affects the function cgiGetFile of the file /cgi-bin/mainfunction.cgi/uploadlangs of the component Web Management Interface. The manipulation of the argument File leads to os command injection. The attack may be initiated...
CVE-2026-3040 DrayTek Vigor 300B Web Management uploadlangs cgiGetFile os command injection
A vulnerability was identified in DrayTek Vigor 300B up to 1.5.1.6. This affects the function cgiGetFile of the file /cgi-bin/mainfunction.cgi/uploadlangs of the component Web Management Interface. The manipulation of the argument File leads to os command injection. The attack may be initiated...
CVE-2026-3040
A vulnerability was identified in DrayTek Vigor 300B up to 1.5.1.6. This affects the function cgiGetFile of the file /cgi-bin/mainfunction.cgi/uploadlangs of the component Web Management Interface. The manipulation of the argument File leads to os command injection. The attack may be initiated...
CVE-2026-3040 DrayTek Vigor 300B Web Management uploadlangs cgiGetFile os command injection
A vulnerability was identified in DrayTek Vigor 300B up to 1.5.1.6. This affects the function cgiGetFile of the file /cgi-bin/mainfunction.cgi/uploadlangs of the component Web Management Interface. The manipulation of the argument File leads to os command injection. The attack may be initiated...
CVE-2026-3040
CVE-2026-3040 affects DrayTek Vigor 300B (up to version 1.5.1.6) in the Web Management Interface, specifically the cgiGetFile function in /cgi-bin/mainfunction.cgi/uploadlangs. The File argument manipulation leads to OS command injection. Reports indicate remote initiation is possible and that an...
PT-2026-21570
Name of the Vulnerable Software and Affected Versions DrayTek Vigor 300B versions up to 1.5.1.6 Description A flaw exists in DrayTek Vigor 300B that allows for operating system command injection. This issue is located within the cgiGetFile function of the /cgi-bin/mainfunction.cgi/uploadlangs fil...
DrayTek Vigor 300B 操作系统命令注入漏洞
The DrayTek Vigor 300B is a Quad-WAN load balancing broadband router operated on Linux systems by DrayTek Corporation. Versions of the DrayTek Vigor 300B prior to 1.5.1.6 contained an operating system command injection vulnerability. This vulnerability stemmed from improper handling of parameters...