CVE-2020-8515
Multiple DrayTek Vigor Routers Web Management Page Vulnerability
Public Exploits: 5
Exploited in Wild: Yes
Descriptions
DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.
DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) through shell metacharacters sent to the cgi-bin/mainfunction.cgi URI. This problem has been fixed in Vigor3900/2960/300B v1.5.1.
DrayTek Vigor2960 version 1.3.1_Beta, Vigor3900 version 1.4.4_Beta, and Vigor300B versions 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta suffer from a remote command execution vulnerability.
DrayTek Vigor3900, Vigor2960, and Vigor300B routers contain an unspecified vulnerability that allows for remote code execution.
Timeline
- 2020-02-01 CVE Reserved
- 2020-02-01 CVE Published
- 2020-03-30 First Exploit
- 2021-11-03 Exploited in Wild
- 2022-05-03 KEV Due Date
- 2024-08-04 CVE Updated
- 2024-12-23 EPSS Updated
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
References (7)
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/48268 | 2020-03-30 | |
https://github.com/imjdl/CVE-2020-8515-PoC | 2020-03-30 | |
https://github.com/darrenmartyn/CVE-2020-8515 | 2021-09-04 | |
https://github.com/truerandom/nmap_draytek_rce | 2024-08-12 | |
http://packetstormsecurity.com/files/156979/DrayTek-Vigor2960-Vigor3900-Vigor300B-Remote-Command-Execution.html | 2024-08-04 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Draytek | Vigor2960 Firmware | 1.3.1 | beta | Affected | in | Draytek | Vigor2960 | - | - | Safe |
Draytek | Vigor300b Firmware | 1.3.3 | beta | Affected | in | Draytek | Vigor300b | - | - | Safe |
Draytek | Vigor300b Firmware | 1.4.2.1 | beta | Affected | in | Draytek | Vigor300b | - | - | Safe |
Draytek | Vigor300b Firmware | 1.4.4 | beta | Affected | in | Draytek | Vigor300b | - | - | Safe |
Draytek | Vigor3900 Firmware | 1.4.4 | beta | Affected | in | Draytek | Vigor3900 | - | - | Safe |