Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the profname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
History

Tue, 24 Sep 2024 17:00:00 +0000

Type Values Removed Values Added
First Time appeared Draytek
Draytek vigor3910
Draytek vigor3910 Firmware
Weaknesses CWE-120
CPEs cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*
cpe:2.3:o:draytek:vigor3910_firmware:4.3.2.6:*:*:*:*:*:*:*
Vendors & Products Draytek
Draytek vigor3910
Draytek vigor3910 Firmware
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


Wed, 18 Sep 2024 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 18 Sep 2024 15:00:00 +0000

Type Values Removed Values Added
Description Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the profname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-09-18T00:00:00

Updated: 2024-09-18T16:24:41.165Z

Reserved: 2024-09-11T00:00:00

Link: CVE-2024-46554

cve-icon Vulnrichment

Updated: 2024-09-18T16:22:24.583Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-18T15:15:16.783

Modified: 2024-09-24T16:41:42.943

Link: CVE-2024-46554

cve-icon Redhat

No data.