CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-1163 – DrayTek Vigor 2960 Web Management Interface mainfunction.cgi getSyslogFile path traversal
https://notcve.org/view.php?id=CVE-2023-1163
A vulnerability has been found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5 and classified as critical. Affected by this vulnerability is the function getSyslogFile of the file mainfunction.cgi of the component Web Management Interface. The manipulation of the argument option leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/xxy1126/Vuln/blob/main/Draytek/3.md https://vuldb.com/?ctiid.222259 https://vuldb.com/?id.222259 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-1162 – DrayTek Vigor 2960 Web Management Interface mainfunction.cgi command injection
https://notcve.org/view.php?id=CVE-2023-1162
A vulnerability, which was classified as critical, was found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5. Affected is an unknown function of the file mainfunction.cgi of the component Web Management Interface. The manipulation of the argument password leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/xxy1126/Vuln/blob/main/Draytek/2.md https://vuldb.com/?ctiid.222258 https://vuldb.com/?id.222258 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.1EPSS: 0%CPEs: 182EXPL: 0CVE-2023-23313
https://notcve.org/view.php?id=CVE-2023-23313
Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal. This affects Vigor3910, Vigor1000B, Vigor2962 v4.3.2.1; Vigor2865 and Vigor2866 v4.4.1.0; Vigor2927 v4.4.2.2; and Vigor2915, Vigor2765, Vigor2766, Vigor2135 v4.4.2.0; Vigor2763 v4.4.2.1; Vigor2862 and Vigor2926 v3.9.9.0; Vigor2925 v3.9.3; Vigor2952 and Vigor3220 v3.9.7.3; Vigor2133 and Vigor2762 v3.9.6.4; and Vigor2832 v3.9.6.2. • https://www.draytek.com/about/security-advisory/cross-site-scripting-vulnerability-%28cve-2023-23313%29 https://www.horizonconsulting.com/advisories23-Multiple-XSS-Stored-in-DrayTek-routers-CVE-2023-23313 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-1009 – DrayTek Vigor 2960 Web Management Interface mainfunction.cgi sub_1DF14 path traversal
https://notcve.org/view.php?id=CVE-2023-1009
A vulnerability classified as critical has been found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5. Affected is the function sub_1DF14 of the file /cgi-bin/mainfunction.cgi of the component Web Management Interface. The manipulation of the argument option with the input /../etc/passwd- leads to path traversal. It is possible to launch the attack remotely. • https://github.com/xxy1126/Vuln/blob/main/Draytek/1.md https://vuldb.com/?ctiid.221742 https://vuldb.com/?id.221742 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 136EXPL: 3CVE-2022-32548
https://notcve.org/view.php?id=CVE-2022-32548
An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field. Se ha detectado un problema en determinados routers DrayTek Vigor versiones anteriores a julio de 2022, como el Vigor3910 versiones anteriores a 4.3.1.1. El archivo /cgi-bin/wlogin.cgi presenta un desbordamiento de búfer por medio del nombre de usuario o contraseña al campo aa o ab • https://github.com/MosaedH/CVE-2022-32548-RCE-POC https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •