10 matches found
CVE-2023-31447
userlogin.cgi on Draytek Vigor2620 devices before 3.9.8.4 and on all versions of Vigor2925 devices allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code...
CVE-2024-51139
Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832 3.9.9 and earlier and Vigor165/166 4.2.7 and earlier and Vigor2135/2765/2766 4.4.5.1 and earlier and Vigor2865/2866/2927 4.4.5....
CVE-2023-31447
userlogin.cgi on Draytek Vigor2620 devices before 3.9.8.4 and on all versions of Vigor2925 devices allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code...
CVE-2023-31447
userlogin.cgi on Draytek Vigor2620 devices before 3.9.8.4 and on all versions of Vigor2925 devices allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code...
Code injection
userlogin.cgi on Draytek Vigor2620 devices before 3.9.8.4 and on all versions of Vigor2925 devices allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code...
Draytek Vigor2620 安全漏洞
The DrayTek Draytek Vigor2620 is a wireless router from China-based DrayTek. A security vulnerability exists in the Draytek Vigor2620 prior to version 3.9.8.4, which originates in userlogin.cgi and allows an attacker to send a crafted payload that modifies the contents of a snippet, inserts...
CVE-2023-31447
userlogin.cgi on Draytek Vigor2620 devices before 3.9.8.4 and on all versions of Vigor2925 devices allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code...
CVE-2023-31447
userlogin.cgi on Draytek Vigor2620 devices before 3.9.8.4 and on all versions of Vigor2925 devices allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code...
CVE-2023-31447
CVE-2023-31447 affects DrayTek Vigor2620 (before 3.9.8.4) and all Vigor2925 devices. The vulnerability resides in the web interface script user_login.cgi , where a crafted payload can modify a code segment, insert shellcode, and execute arbitrary code on the device. Public sources confirm the imp...
PT-2023-9807 · Draytek · Draytek Vigor 2925 +1
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor2620 versions prior to 3.9.8.4 DrayTek Vigor2925 versions prior to 3.9.8.4 Description: The issue is related to the user login.cgi script in the web interface of DrayTek Vigor router firmware, which is associated with incorrect...