Filtered by vendor Draytek
Subscriptions
Filtered by product Vigor3900 Firmware
Subscriptions
Total
47 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-51257 | 1 Draytek | 1 Vigor3900 Firmware | 2024-11-01 | 8.8 High |
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function. | ||||
CVE-2024-51258 | 1 Draytek | 1 Vigor3900 Firmware | 2024-11-01 | 8.8 High |
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doSSLTunnel function. | ||||
CVE-2024-48153 | 1 Draytek | 1 Vigor3900 Firmware | 2024-10-17 | 9.8 Critical |
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the get_subconfig function. | ||||
CVE-2024-46316 | 1 Draytek | 1 Vigor3900 Firmware | 2024-10-10 | 8 High |
DrayTek Vigor3900 v1.5.1.6 was discovered to contain a command injection vulnerability via the sub_2C920 function at /cgi-bin/mainfunction.cgi. This vulnerability allows attackers to execute arbitrary commands via supplying a crafted HTTP message. | ||||
CVE-2024-44844 | 1 Draytek | 2 Vigor3900, Vigor3900 Firmware | 2024-09-11 | 8 High |
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the name parameter in the run_command function. | ||||
CVE-2024-44845 | 1 Draytek | 2 Vigor3900, Vigor3900 Firmware | 2024-09-11 | 8 High |
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the value parameter in the filter_string function. | ||||
CVE-2024-43027 | 1 Draytek | 3 Vigor2960 Firmware, Vigor300b Firmware, Vigor3900 Firmware | 2024-08-23 | 8 High |
DrayTek Vigor 3900 before v1.5.1.5_Beta, DrayTek Vigor 2960 before v1.5.1.5_Beta and DrayTek Vigor 300B before v1.5.1.5_Beta were discovered to contain a command injection vulnerability via the action parameter at cgi-bin/mainfunction.cgi. |