Vigor2952 Firmware Security Vulnerabilities and Issues — Vigor2952 Firmware CVE List

Lucene search

DraytekVigor2952 Firmware

4 matches found

CVE•added 2024/10/03 7:15 p.m.•75 views

CVE-2024-41592

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs.

8CVSS7AI score0.01189EPSS

CVE•added 2024/10/03 7:15 p.m.•47 views

CVE-2024-41596

Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor management UI) because of improper retrieval and handling of the CGI form parameters.

8CVSS7AI score0.0007EPSS

CVE•added 2024/10/03 7:15 p.m.•46 views

CVE-2024-41588

The CGI endpoints v2x00.cgi and cgiwcg.cgi of DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strncpy function.

8CVSS6.8AI score0.00072EPSS

CVE•added 2024/10/03 7:15 p.m.•42 views

CVE-2024-41590

Several CGI endpoints are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strcpy function on DrayTek Vigor310 devices through 4.3.2.6.

8CVSS6.7AI score0.00082EPSS