Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Vigorap 910C Firmware Security Vulnerabilities

cve
cve

CVE-2017-11649

Cross-site request forgery (CSRF) vulnerability in DrayTek Vigor AP910C devices with firmware 1.2.0_RC3 build r6594 allows remote attackers to hijack the authentication of unspecified users for requests that enable SNMP on the remote device via vectors involving goform/setSnmp.

8.8CVSS

7AI Score

0.002EPSS

2018-03-07 02:29 AM
32
4
cve
cve

CVE-2017-11650

Cross-site scripting (XSS) vulnerability in DrayTek Vigor AP910C devices with firmware 1.2.0_RC3 build r6594 allows remote attackers to inject arbitrary web script or HTML via vectors involving home.asp.

6.1CVSS

5.9AI Score

0.005EPSS

2018-03-07 02:29 AM
27
4
cve
cve

CVE-2020-28968

Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username input field.

5.4CVSS

5.2AI Score

0.001EPSS

2021-10-22 08:15 PM
27
cve
cve

CVE-2020-3932

A vulnerable SNMP in Draytek VigorAP910C cannot be disabled, which may cause information leakage.

7.5CVSS

7.3AI Score

0.002EPSS

2020-04-15 07:15 AM
26