Vigor2960 Firmware@1.5.1.4 Security Vulnerabilities and Issues — Vigor2960 Firmware@1.5.1.4 CVE List

Lucene search

DraytekVigor2960 Firmware1.5.1.4

4 matches found

CVE•added 2024/12/27 4:15 p.m.•411 views

CVE-2024-12987

A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component Web Management Interface. The manipulation of the argument session leads to os command injecti...

9.8CVSS7.7AI score0.84299EPSS

CVE•added 2023/03/15 6:15 p.m.•93 views

CVE-2023-24229

DrayTek Vigor2960 v1.5.1.4 allows an authenticated attacker with network access to the web management interface to inject operating system commands via the mainfunction.cgi 'parameter' parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

7.8CVSS7.5AI score0.0148EPSS

CVE•added 2023/11/22 8:15 p.m.•35 views

CVE-2023-6265

** UNSUPPORTED WHEN ASSIGNED ** Draytek Vigor2960 v1.5.1.4 and v1.5.1.5 are vulnerable to directory traversal via the mainfunction.cgi dumpSyslog 'option' parameter allowing an authenticated attacker with access to the web management interface to delete arbitrary files. Vigor2960 is no longer suppo...

8.1CVSS7.2AI score0.00214EPSS

CVE•added 2023/02/24 11:15 a.m.•31 views

CVE-2023-1009

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5. Affected is the function sub_1DF14 of the file /cgi-bin/mainfunction.cgi of the component Web Management Interface. The manipulation of the argument option with the input /.....

6.5CVSS5.7AI score0.02986EPSS