In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the restore function.
Metrics
Affected Vendors & Products
References
History
Tue, 05 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Draytek vigor3900
|
|
CPEs | cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:* | |
Vendors & Products |
Draytek vigor3900
|
Mon, 04 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Draytek
Draytek vigor3900 Firmware |
|
Weaknesses | CWE-78 | |
CPEs | cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:* | |
Vendors & Products |
Draytek
Draytek vigor3900 Firmware |
|
Metrics |
cvssV3_1
|
Fri, 01 Nov 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the restore function. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-11-01T00:00:00
Updated: 2024-11-04T20:52:26.636Z
Reserved: 2024-10-28T00:00:00
Link: CVE-2024-51252
Vulnrichment
Updated: 2024-11-04T20:51:56.216Z
NVD
Status : Analyzed
Published: 2024-11-01T18:15:07.287
Modified: 2024-11-05T20:54:38.960
Link: CVE-2024-51252
Redhat
No data.