← Back to Search

DrayTek (Multiple Vigor Routers)

2024-09-30 · Severity 5/10 — Medium · Web_app_exploit
Incident Summary

DrayTek Vigor3900, Vigor2960, and Vigor300B devices contain an OS command injection vulnerability in cgi-bin/mainfunction.cgi/cvmcfgupload that allows for remote code execution via shell metacharacter

Sources
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Details
Records Affected
Unknown
Industry
Technology
Headquarters
Date Reported
2024-09-30
Related Breaches

No related breaches in the last 90 days.