CVSS: 5.4EPSS: 0%CPEs: 26EXPL: 1CVE-2020-28968
https://notcve.org/view.php?id=CVE-2020-28968
22 Oct 2021 — Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username input field. Draytek VigorAP 1000C contiene una vulnerabilidad de tipo cross-site scripting (XSS) almacenada en el módulo RADIUS Setting - RADIUS Server Configuration. Esta vulnerabilidad permite a atacantes ejecutar scripts web o HTML arbitrarios por medi... • https://www.vulnerability-lab.com/get_content.php?id=2244 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-20129
https://notcve.org/view.php?id=CVE-2021-20129
13 Oct 2021 — An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs. Se presenta una vulnerabilidad de divulgación de información en Draytek VigorConnect versión 1.6.0-B3, que permite a un atacante no autenticado exportar los registros del sistema • https://www.tenable.com/security/research/tra-2021-42 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-20128
https://notcve.org/view.php?id=CVE-2021-20128
13 Oct 2021 — The Profile Name field in the floor plan (Network Menu) page in Draytek VigorConnect 1.6.0-B3 was found to be vulnerable to stored XSS, as user input is not properly sanitized. El campo Profile Name en la página floor plan (Network Menu) en Draytek VigorConnect versión 1.6.0-B3 se ha encontrado que es vulnerable a un ataque de tipo XSS almacenado, ya que la entrada del usuario no está saneada apropiadamente • https://www.tenable.com/security/research/tra-2021-42 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-20127
https://notcve.org/view.php?id=CVE-2021-20127
13 Oct 2021 — An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3. This allows an authenticated user to arbitrarily delete files in any location on the target operating system with root privileges. Se presenta una vulnerabilidad de eliminación arbitraria de archivos en la funcionalidad file delete del endpoint Html5Servlet de Draytek VigorConnect versión 1.6.0-B3. Esto permite a un usuario autenticado eliminar arbitrariamente archi... • https://www.tenable.com/security/research/tra-2021-42 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-20126
https://notcve.org/view.php?id=CVE-2021-20126
13 Oct 2021 — Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. Draytek VigorConnect versión 1.6.0-B3, carece de protecciones contra vulnerabilidades de tipo cross-site request forgery y no comprueba suficientemente si una petición bien formada, válida y consistente fue proporcionada intencionadamente por el usuario que envió la petición • https://www.tenable.com/security/research/tra-2021-42 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1CVE-2021-20125
https://notcve.org/view.php?id=CVE-2021-20125
13 Oct 2021 — An arbitrary file upload and directory traversal vulnerability exists in the file upload functionality of DownloadFileServlet in Draytek VigorConnect 1.6.0-B3. An unauthenticated attacker could leverage this vulnerability to upload files to any location on the target operating system with root privileges. Se presenta una vulnerabilidad de carga arbitraria de archivos y de salto de directorio en la funcionalidad upload functionality de DownloadFileServlet en Draytek VigorConnect versión 1.6.0-B3. Un atacante... • https://www.tenable.com/security/research/tra-2021-42 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 49%CPEs: 1EXPL: 1CVE-2021-20124 – Draytek VigorConnect Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2021-20124
13 Oct 2021 — A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges. Se presenta una vulnerabilidad de inclusión de archivos locales en Draytek VigorConnect versión 1.6.0-B3, en la funcionalidad file download del endpoint WebServlet. Un atacante no autenticado podría aprovechar esta vulnerab... • https://www.tenable.com/security/research/tra-2021-42 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 45%CPEs: 1EXPL: 1CVE-2021-20123 – Draytek VigorConnect Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2021-20123
13 Oct 2021 — A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges. Se presenta una vulnerabilidad de inclusión de archivos locales en Draytek VigorConnect versión 1.6.0-B3, en la funcionalidad file download del endpoint DownloadFileServlet. Un atacante no autenticado podría aprove... • https://www.tenable.com/security/research/tra-2021-42 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 14%CPEs: 2EXPL: 2CVE-2020-19664
https://notcve.org/view.php?id=CVE-2020-19664
31 Dec 2020 — DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA action to mainfunction.cgi. DrayTek Vigor2960 versión 1.5.1, permite una ejecución de comando remota por medio de metacaracteres shell en una acción toLogin2FA en el archivo mainfunction.cgi. • https://github.com/minghangshen/bug_poc • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 92%CPEs: 6EXPL: 1CVE-2020-15415 – DrayTek Multiple Vigor Routers OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2020-15415
30 Jun 2020 — On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used, a different issue than CVE-2020-14472. En los dispositivos DrayTek Vigor3900, Vigor2960 y Vigor300B versiones anteriores a 1.5.1, en el archivo cgi-bin/mainfunction.cgi/cvmcfgupload permite una ejecución de comandos remota por medio de metacaracteres de shell en un nombre de archiv... • https://github.com/CLP-team/Vigor-Commond-Injection • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •