Vulnerabilities related to draytek - vigor2620
var-202410-0075
Vulnerability from variot

Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6. DrayTek Corporation's vigor3910 firmware has a cross-site scripting vulnerability. Information may be obtained and may be tampered with. The description names a single model, but the affected_products list in the record below also covers other Vigor models, each with its own version entry.



{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0075",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "vigor3912",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.6.1",
         },
         {
            model: "vigor3910",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.3.1",
         },
         {
            model: "vigor2866",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.2",
         },
         {
            model: "vigor3910",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.2.8",
         },
         {
            model: "vigor2832",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2860",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2962",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.3.1",
         },
         {
            model: "vigor165",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.2.7",
         },
         {
            model: "vigor2925",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2763",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor2962",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.2.8",
         },
         {
            model: "vigor2915",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigorlte200",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2926",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor3220",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2135",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor2952",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2762",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2865",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.2",
         },
         {
            model: "vigor2962",
            scope: "gte",
            trust: 1,
            vendor: "draytek",
            version: "4.4.0.0",
         },
         {
            model: "vigor2765",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor2620",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2766",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor1000b",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.3.1",
         },
         {
            model: "vigor2862",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor3910",
            scope: "gte",
            trust: 1,
            vendor: "draytek",
            version: "4.4.0.0",
         },
         {
            model: "vigor1000b",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.2.8",
         },
         {
            model: "vigor166",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.2.7",
         },
         {
            model: "vigor2133",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor1000b",
            scope: "gte",
            trust: 1,
            vendor: "draytek",
            version: "4.4.0.0",
         },
         {
            model: "vigor3910",
            scope: "eq",
            trust: 0.8,
            vendor: "draytek",
            version: "vigor3910  firmware  4.3.2.8",
         },
         {
            model: "vigor3910",
            scope: "eq",
            trust: 0.8,
            vendor: "draytek",
            version: "vigor3910  firmware  4.4.0.0  that's all  4.4.3.1",
         },
         {
            model: "vigor3910",
            scope: "eq",
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor3910",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009832",
         },
         {
            db: "NVD",
            id: "CVE-2024-41587",
         },
      ],
   },
   cve: "CVE-2024-41587",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [],
            cvssV3: [
               {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  author: "nvd@nist.gov",
                  availabilityImpact: "NONE",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  exploitabilityScore: 2.3,
                  id: "CVE-2024-41587",
                  impactScore: 2.7,
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  trust: 1,
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               {
                  attackComplexity: "Low",
                  attackVector: "Network",
                  author: "NVD",
                  availabilityImpact: "None",
                  baseScore: 5.4,
                  baseSeverity: "Medium",
                  confidentialityImpact: "Low",
                  exploitabilityScore: null,
                  id: "CVE-2024-41587",
                  impactScore: null,
                  integrityImpact: "Low",
                  privilegesRequired: "Low",
                  scope: "Changed",
                  trust: 0.8,
                  userInteraction: "Required",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "nvd@nist.gov",
                  id: "CVE-2024-41587",
                  trust: 1,
                  value: "MEDIUM",
               },
               {
                  author: "NVD",
                  id: "CVE-2024-41587",
                  trust: 0.8,
                  value: "Medium",
               },
            ],
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009832",
         },
         {
            db: "NVD",
            id: "CVE-2024-41587",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6. DrayTek Corporation of vigor3910 Firmware has a cross-site scripting vulnerability.Information may be obtained and information may be tampered with",
      sources: [
         {
            db: "NVD",
            id: "CVE-2024-41587",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2024-009832",
         },
      ],
      trust: 1.62,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2024-41587",
            trust: 2.6,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2024-009832",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009832",
         },
         {
            db: "NVD",
            id: "CVE-2024-41587",
         },
      ],
   },
   id: "VAR-202410-0075",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "VARIoT devices database",
            id: null,
         },
      ],
      trust: 0.6666667,
   },
   last_update_date: "2024-10-08T23:27:00.949000Z",
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-79",
            trust: 1,
         },
         {
            problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009832",
         },
         {
            db: "NVD",
            id: "CVE-2024-41587",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 1.8,
            url: "https://www.forescout.com/resources/draybreak-draytek-research/",
         },
         {
            trust: 1,
            url: "https://www.forescout.com/resources/draytek14-vulnerabilities",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2024-41587",
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009832",
         },
         {
            db: "NVD",
            id: "CVE-2024-41587",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009832",
         },
         {
            db: "NVD",
            id: "CVE-2024-41587",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2024-10-07T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2024-009832",
         },
         {
            date: "2024-10-03T19:15:04.310000",
            db: "NVD",
            id: "CVE-2024-41587",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2024-10-07T03:05:00",
            db: "JVNDB",
            id: "JVNDB-2024-009832",
         },
         {
            date: "2024-10-08T15:32:18.313000",
            db: "NVD",
            id: "CVE-2024-41587",
         },
      ],
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "DrayTek Corporation  of  vigor3910  Cross-site scripting vulnerability in firmware",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009832",
         },
      ],
      trust: 0.8,
   },
}

var-202410-0281
Vulnerability from variot

DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow. DrayTek Corporation products such as the vigor3912, vigor2962 and vigor3910 firmware contain an out-of-bounds write vulnerability. Information may be obtained, information may be tampered with, and the service may be put into a denial-of-service (DoS) state. The record below carries a CVSS 3.1 base score of 9.8 (critical), with no privileges and no user interaction required.



{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0281",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "vigor3912",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.6.1",
         },
         {
            model: "vigor3910",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.3.1",
         },
         {
            model: "vigor2866",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.2",
         },
         {
            model: "vigor3910",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.2.8",
         },
         {
            model: "vigor2832",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2860",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2962",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.3.1",
         },
         {
            model: "vigor165",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.2.7",
         },
         {
            model: "vigor2925",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2763",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor2962",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.2.8",
         },
         {
            model: "vigor2915",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigorlte200",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2926",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor3220",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2135",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor2952",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2762",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2865",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.2",
         },
         {
            model: "vigor2962",
            scope: "gte",
            trust: 1,
            vendor: "draytek",
            version: "4.4.0.0",
         },
         {
            model: "vigor2765",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor2620",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2766",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor1000b",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.3.1",
         },
         {
            model: "vigor2862",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor3910",
            scope: "gte",
            trust: 1,
            vendor: "draytek",
            version: "4.4.0.0",
         },
         {
            model: "vigor1000b",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.2.8",
         },
         {
            model: "vigor166",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.2.7",
         },
         {
            model: "vigor2133",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor1000b",
            scope: "gte",
            trust: 1,
            vendor: "draytek",
            version: "4.4.0.0",
         },
         {
            model: "vigor2766",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2866",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2765",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2865",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor165",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2962",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor3910",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2133",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2762",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigorlte200",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor1000b",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2915",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor3912",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2620",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2763",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2135",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor166",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009968",
         },
         {
            db: "NVD",
            id: "CVE-2024-41593",
         },
      ],
   },
   cve: "CVE-2024-41593",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [],
            cvssV3: [
               {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  author: "nvd@nist.gov",
                  availabilityImpact: "HIGH",
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  confidentialityImpact: "HIGH",
                  exploitabilityScore: 3.9,
                  id: "CVE-2024-41593",
                  impactScore: 5.9,
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  trust: 1,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               {
                  attackComplexity: "Low",
                  attackVector: "Network",
                  author: "NVD",
                  availabilityImpact: "High",
                  baseScore: 9.8,
                  baseSeverity: "Critical",
                  confidentialityImpact: "High",
                  exploitabilityScore: null,
                  id: "CVE-2024-41593",
                  impactScore: null,
                  integrityImpact: "High",
                  privilegesRequired: "None",
                  scope: "Unchanged",
                  trust: 0.8,
                  userInteraction: "None",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "nvd@nist.gov",
                  id: "CVE-2024-41593",
                  trust: 1,
                  value: "CRITICAL",
               },
               {
                  author: "NVD",
                  id: "CVE-2024-41593",
                  trust: 0.8,
                  value: "Critical",
               },
            ],
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009968",
         },
         {
            db: "NVD",
            id: "CVE-2024-41593",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow. vigor3912 firmware, vigor2962 firmware, vigor3910 firmware etc. DrayTek Corporation The product contains a vulnerability related to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
      sources: [
         {
            db: "NVD",
            id: "CVE-2024-41593",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2024-009968",
         },
      ],
      trust: 1.62,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2024-41593",
            trust: 2.6,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2024-009968",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009968",
         },
         {
            db: "NVD",
            id: "CVE-2024-41593",
         },
      ],
   },
   id: "VAR-202410-0281",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "VARIoT devices database",
            id: null,
         },
      ],
      trust: 0.6666667,
   },
   last_update_date: "2024-10-13T23:21:57.296000Z",
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-787",
            trust: 1,
         },
         {
            problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009968",
         },
         {
            db: "NVD",
            id: "CVE-2024-41593",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 1.8,
            url: "https://www.forescout.com/resources/draybreak-draytek-research/",
         },
         {
            trust: 1,
            url: "https://www.forescout.com/resources/draytek14-vulnerabilities",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2024-41593",
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009968",
         },
         {
            db: "NVD",
            id: "CVE-2024-41593",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009968",
         },
         {
            db: "NVD",
            id: "CVE-2024-41593",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2024-10-09T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2024-009968",
         },
         {
            date: "2024-10-03T19:15:04.740000",
            db: "NVD",
            id: "CVE-2024-41593",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2024-10-09T00:45:00",
            db: "JVNDB",
            id: "JVNDB-2024-009968",
         },
         {
            date: "2024-10-08T15:35:04.583000",
            db: "NVD",
            id: "CVE-2024-41593",
         },
      ],
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Out-of-bounds write vulnerabilities in multiple DrayTek Corporation products",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009968",
         },
      ],
      trust: 0.8,
   },
}

var-202410-0186
Vulnerability from variot

DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS. Affected products include vigor2620 firmware, vigor2915 firmware, vigor2866 firmware and other DrayTek Corporation products, which contain a cross-site scripting vulnerability. Information may be obtained and information may be tampered with.



{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0186",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "vigor2866",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.2",
         },
         {
            model: "vigor3910",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.3.1",
         },
         {
            model: "vigor3912",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.6.1",
         },
         {
            model: "vigor3910",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.2.8",
         },
         {
            model: "vigor2832",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2860",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2962",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.3.1",
         },
         {
            model: "vigor165",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.2.7",
         },
         {
            model: "vigor2925",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2763",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor2962",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.2.8",
         },
         {
            model: "vigor2915",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigorlte200",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2926",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor3220",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2135",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor2952",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2762",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2865",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.2",
         },
         {
            model: "vigor2962",
            scope: "gte",
            trust: 1,
            vendor: "draytek",
            version: "4.4.0.0",
         },
         {
            model: "vigor2765",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor2620",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2766",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor1000b",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.3.1",
         },
         {
            model: "vigor2862",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor3910",
            scope: "gte",
            trust: 1,
            vendor: "draytek",
            version: "4.4.0.0",
         },
         {
            model: "vigor166",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.2.7",
         },
         {
            model: "vigor1000b",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.2.8",
         },
         {
            model: "vigor2133",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor1000b",
            scope: "gte",
            trust: 1,
            vendor: "draytek",
            version: "4.4.0.0",
         },
         {
            model: "vigor2766",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2866",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2765",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2865",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor165",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2962",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor3910",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2133",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2762",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigorlte200",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor1000b",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2915",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor3912",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2620",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2763",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2135",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor166",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009985",
         },
         {
            db: "NVD",
            id: "CVE-2024-41591",
         },
      ],
   },
   cve: "CVE-2024-41591",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [],
            cvssV3: [
               {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  author: "nvd@nist.gov",
                  availabilityImpact: "NONE",
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  exploitabilityScore: 2.8,
                  id: "CVE-2024-41591",
                  impactScore: 2.7,
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  trust: 1,
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               {
                  attackComplexity: "Low",
                  attackVector: "Network",
                  author: "NVD",
                  availabilityImpact: "None",
                  baseScore: 6.1,
                  baseSeverity: "Medium",
                  confidentialityImpact: "Low",
                  exploitabilityScore: null,
                  id: "CVE-2024-41591",
                  impactScore: null,
                  integrityImpact: "Low",
                  privilegesRequired: "None",
                  scope: "Changed",
                  trust: 0.8,
                  userInteraction: "Required",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "nvd@nist.gov",
                  id: "CVE-2024-41591",
                  trust: 1,
                  value: "MEDIUM",
               },
               {
                  author: "NVD",
                  id: "CVE-2024-41591",
                  trust: 0.8,
                  value: "Medium",
               },
            ],
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009985",
         },
         {
            db: "NVD",
            id: "CVE-2024-41591",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS. Affected products include vigor2620 firmware, vigor2915 firmware, vigor2866 firmware and other DrayTek Corporation products, which contain a cross-site scripting vulnerability. Information may be obtained and information may be tampered with.",
      sources: [
         {
            db: "NVD",
            id: "CVE-2024-41591",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2024-009985",
         },
      ],
      trust: 1.62,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2024-41591",
            trust: 2.6,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2024-009985",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009985",
         },
         {
            db: "NVD",
            id: "CVE-2024-41591",
         },
      ],
   },
   id: "VAR-202410-0186",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "VARIoT devices database",
            id: null,
         },
      ],
      trust: 0.6666667,
   },
   last_update_date: "2024-10-11T23:01:21.952000Z",
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-79",
            trust: 1,
         },
         {
            problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009985",
         },
         {
            db: "NVD",
            id: "CVE-2024-41591",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 1.8,
            url: "https://www.forescout.com/resources/draybreak-draytek-research/",
         },
         {
            trust: 1,
            url: "https://www.forescout.com/resources/draytek14-vulnerabilities",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2024-41591",
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009985",
         },
         {
            db: "NVD",
            id: "CVE-2024-41591",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009985",
         },
         {
            db: "NVD",
            id: "CVE-2024-41591",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2024-10-09T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2024-009985",
         },
         {
            date: "2024-10-03T19:15:04.560000",
            db: "NVD",
            id: "CVE-2024-41591",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2024-10-09T01:14:00",
            db: "JVNDB",
            id: "JVNDB-2024-009985",
         },
         {
            date: "2024-10-08T15:34:46.453000",
            db: "NVD",
            id: "CVE-2024-41591",
         },
      ],
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Cross-site scripting vulnerability in multiple DrayTek Corporation products",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009985",
         },
      ],
      trust: 0.8,
   },
}

var-202410-0179
Vulnerability from variot

An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL. Affected products include vigor2620 firmware, vigor2915 firmware, vigor2866 firmware and other DrayTek Corporation products, which contain a vulnerability related to cryptographic strength. Information may be obtained.



{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0179",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "vigor2866",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.2",
         },
         {
            model: "vigor3910",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.3.1",
         },
         {
            model: "vigor3912",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.6.1",
         },
         {
            model: "vigor3910",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.2.8",
         },
         {
            model: "vigor2832",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2860",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2962",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.3.1",
         },
         {
            model: "vigor165",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.2.7",
         },
         {
            model: "vigor2925",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2763",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor2962",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.2.8",
         },
         {
            model: "vigor2915",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigorlte200",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2926",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor3220",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2135",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor2952",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2762",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2865",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.2",
         },
         {
            model: "vigor2962",
            scope: "gte",
            trust: 1,
            vendor: "draytek",
            version: "4.4.0.0",
         },
         {
            model: "vigor2765",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor2620",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor2766",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.5.3",
         },
         {
            model: "vigor1000b",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.4.3.1",
         },
         {
            model: "vigor2862",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor3910",
            scope: "gte",
            trust: 1,
            vendor: "draytek",
            version: "4.4.0.0",
         },
         {
            model: "vigor166",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.2.7",
         },
         {
            model: "vigor1000b",
            scope: "lt",
            trust: 1,
            vendor: "draytek",
            version: "4.3.2.8",
         },
         {
            model: "vigor2133",
            scope: "eq",
            trust: 1,
            vendor: "draytek",
            version: "*",
         },
         {
            model: "vigor1000b",
            scope: "gte",
            trust: 1,
            vendor: "draytek",
            version: "4.4.0.0",
         },
         {
            model: "vigor2766",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2866",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2765",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2865",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor165",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2962",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor3910",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2133",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2762",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigorlte200",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor1000b",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2915",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor3912",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2620",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2763",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor2135",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
         {
            model: "vigor166",
            scope: null,
            trust: 0.8,
            vendor: "draytek",
            version: null,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009984",
         },
         {
            db: "NVD",
            id: "CVE-2024-41594",
         },
      ],
   },
   cve: "CVE-2024-41594",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [],
            cvssV3: [
               {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  author: "nvd@nist.gov",
                  availabilityImpact: "NONE",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  exploitabilityScore: 3.9,
                  id: "CVE-2024-41594",
                  impactScore: 3.6,
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  trust: 1,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               {
                  attackComplexity: "Low",
                  attackVector: "Network",
                  author: "NVD",
                  availabilityImpact: "None",
                  baseScore: 7.5,
                  baseSeverity: "High",
                  confidentialityImpact: "High",
                  exploitabilityScore: null,
                  id: "CVE-2024-41594",
                  impactScore: null,
                  integrityImpact: "None",
                  privilegesRequired: "None",
                  scope: "Unchanged",
                  trust: 0.8,
                  userInteraction: "None",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "nvd@nist.gov",
                  id: "CVE-2024-41594",
                  trust: 1,
                  value: "HIGH",
               },
               {
                  author: "NVD",
                  id: "CVE-2024-41594",
                  trust: 0.8,
                  value: "High",
               },
            ],
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009984",
         },
         {
            db: "NVD",
            id: "CVE-2024-41594",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL. Multiple DrayTek Corporation products, including vigor2620 firmware, vigor2915 firmware, vigor2866 firmware, etc., contain a cryptographic strength vulnerability. Information may be obtained.",
      sources: [
         {
            db: "NVD",
            id: "CVE-2024-41594",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2024-009984",
         },
      ],
      trust: 1.62,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2024-41594",
            trust: 2.6,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2024-009984",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009984",
         },
         {
            db: "NVD",
            id: "CVE-2024-41594",
         },
      ],
   },
   id: "VAR-202410-0179",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "VARIoT devices database",
            id: null,
         },
      ],
      trust: 0.6666667,
   },
   last_update_date: "2024-10-10T23:21:46.664000Z",
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-326",
            trust: 1,
         },
         {
            problemtype: "Inappropriate cryptographic strength (CWE-326) [NVD evaluation ]",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009984",
         },
         {
            db: "NVD",
            id: "CVE-2024-41594",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 1.8,
            url: "https://www.forescout.com/resources/draybreak-draytek-research/",
         },
         {
            trust: 1,
            url: "https://www.forescout.com/resources/draytek14-vulnerabilities",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2024-41594",
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009984",
         },
         {
            db: "NVD",
            id: "CVE-2024-41594",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009984",
         },
         {
            db: "NVD",
            id: "CVE-2024-41594",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2024-10-09T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2024-009984",
         },
         {
            date: "2024-10-03T19:15:04.800000",
            db: "NVD",
            id: "CVE-2024-41594",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2024-10-09T01:14:00",
            db: "JVNDB",
            id: "JVNDB-2024-009984",
         },
         {
            date: "2024-10-08T15:31:47.907000",
            db: "NVD",
            id: "CVE-2024-41594",
         },
      ],
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Vulnerability related to encryption strength in multiple DrayTek Corporation products",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2024-009984",
         },
      ],
      trust: 0.8,
   },
}

cve-2024-41594
Vulnerability from cvelistv5
Published
2024-10-03 00:00
Modified
2025-03-19 15:38
Summary
An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "NONE",
                     baseScore: 7.5,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "NONE",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-41594",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-19T15:22:51.555504Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-326",
                        description: "CWE-326 Inadequate Encryption Strength",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-19T15:38:27.511Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-03T18:29:39.340Z",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://www.forescout.com/resources/draytek14-vulnerabilities",
            },
            {
               url: "https://www.forescout.com/resources/draybreak-draytek-research/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2024-41594",
      datePublished: "2024-10-03T00:00:00.000Z",
      dateReserved: "2024-07-18T00:00:00.000Z",
      dateUpdated: "2025-03-19T15:38:27.511Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-41591
Vulnerability from cvelistv5
Published
2024-10-03 00:00
Modified
2025-03-14 15:36
Summary
DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "NONE",
                     baseScore: 6.1,
                     baseSeverity: "MEDIUM",
                     confidentialityImpact: "LOW",
                     integrityImpact: "LOW",
                     privilegesRequired: "NONE",
                     scope: "CHANGED",
                     userInteraction: "REQUIRED",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-41591",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-03T19:14:46.529762Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-79",
                        description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-14T15:36:23.805Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-03T18:26:22.678Z",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://www.forescout.com/resources/draytek14-vulnerabilities",
            },
            {
               url: "https://www.forescout.com/resources/draybreak-draytek-research/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2024-41591",
      datePublished: "2024-10-03T00:00:00.000Z",
      dateReserved: "2024-07-18T00:00:00.000Z",
      dateUpdated: "2025-03-14T15:36:23.805Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-41593
Vulnerability from cvelistv5
Published
2024-10-03 00:00
Modified
2025-03-13 18:11
Severity ?
Summary
DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 9.8,
                     baseSeverity: "CRITICAL",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-41593",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-13T18:07:09.851527Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-787",
                        description: "CWE-787 Out-of-bounds Write",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-13T18:11:33.093Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-03T18:29:21.947Z",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://www.forescout.com/resources/draytek14-vulnerabilities",
            },
            {
               url: "https://www.forescout.com/resources/draybreak-draytek-research/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2024-41593",
      datePublished: "2024-10-03T00:00:00.000Z",
      dateReserved: "2024-07-18T00:00:00.000Z",
      dateUpdated: "2025-03-13T18:11:33.093Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-31447
Vulnerability from cvelistv5
Published
2023-08-21 00:00
Modified
2024-10-07 17:19
Severity ?
Summary
user_login.cgi on Draytek Vigor2620 devices before 3.9.8.4 (and on all versions of Vigor2925 devices) allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T14:53:30.960Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://draytek.com",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://gist.github.com/rrrrrrri/013c9eef64b265af4163478bfcf29ff4",
               },
            ],
            title: "CVE Program Container",
         },
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "vigor2620",
                  vendor: "draytek",
                  versions: [
                     {
                        lessThan: "3.9.8.4",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-31447",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-07T17:17:45.683833Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-94",
                        description: "CWE-94 Improper Control of Generation of Code ('Code Injection')",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-07T17:19:37.998Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "user_login.cgi on Draytek Vigor2620 devices before 3.9.8.4 (and on all versions of Vigor2925 devices) allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-21T12:23:59.756827",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://draytek.com",
            },
            {
               url: "https://gist.github.com/rrrrrrri/013c9eef64b265af4163478bfcf29ff4",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2023-31447",
      datePublished: "2023-08-21T00:00:00",
      dateReserved: "2023-04-28T00:00:00",
      dateUpdated: "2024-10-07T17:19:37.998Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-41587
Vulnerability from cvelistv5
Published
2024-10-03 00:00
Modified
2025-03-18 15:15
Summary
Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "NONE",
                     baseScore: 5.4,
                     baseSeverity: "MEDIUM",
                     confidentialityImpact: "LOW",
                     integrityImpact: "LOW",
                     privilegesRequired: "LOW",
                     scope: "CHANGED",
                     userInteraction: "REQUIRED",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-41587",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-03T20:24:15.931214Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-79",
                        description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-18T15:15:51.880Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-03T18:25:02.832Z",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://www.forescout.com/resources/draytek14-vulnerabilities",
            },
            {
               url: "https://www.forescout.com/resources/draybreak-draytek-research/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2024-41587",
      datePublished: "2024-10-03T00:00:00.000Z",
      dateReserved: "2024-07-18T00:00:00.000Z",
      dateUpdated: "2025-03-18T15:15:51.880Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

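Vulnerability from fkie_nvd (CVE-2023-31447)
Published: 2023-08-21 17:15
Modified: 2024-11-21 08:01
Severity: 9.8 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, as given in the record below)
Summary: user_login.cgi on Draytek Vigor2620 devices before 3.9.8.4 (and on all versions of Vigor2925 devices) allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code.
Note: the description and the CPE data in the record below disagree on the second model. The description names Vigor2925 (all versions), while the configurations list vigor2625_firmware with no version bound and do not list Vigor2925. The only fixed version the record gives is 3.9.8.4 for Vigor2620, so asset matching done on the CPE data alone will miss Vigor2925 devices.
Impacted products: see the configurations list in the record below.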



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D18E724C-1F47-4EAD-81DB-EF77A5062CBD",
                     versionEndExcluding: "3.9.8.4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D98663B-F2F5-4ADC-9FD5-75846890EEBA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2625_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7266D30A-F72B-417F-A9FC-AA13568F5BE3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2625:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4847017B-E2E6-428E-BB7E-B73563C89F3D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "user_login.cgi on Draytek Vigor2620 devices before 3.9.8.4 (and on all versions of Vigor2925 devices) allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code.",
      },
   ],
   id: "CVE-2023-31447",
   lastModified: "2024-11-21T08:01:52.957",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-21T17:15:46.847",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Product",
         ],
         url: "https://draytek.com",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://gist.github.com/rrrrrrri/013c9eef64b265af4163478bfcf29ff4",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://draytek.com",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://gist.github.com/rrrrrrri/013c9eef64b265af4163478bfcf29ff4",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-94",
            },
         ],
         source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         type: "Secondary",
      },
   ],
}

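Vulnerability from fkie_nvd (CVE-2024-41594)
Published: 2024-10-03 19:15
Modified: 2025-03-19 16:15
Summary: An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL.
Note: the affected scope in the record below is wider than the description suggests. The configurations contain no vigor310 entry. They list vigor3910_firmware (before 4.3.2.8, and 4.4.0.0 up to but not including 4.4.3.1) together with many other Vigor models. Several of those, including vigor2620_firmware, carry no versionEndExcluding value, which means the record marks every firmware version of those models as vulnerable and names no fixed release for them.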



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "289E3E0B-6BA4-44B8-968A-AC374B15B631",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D98663B-F2F5-4ADC-9FD5-75846890EEBA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E6E55BCE-BBF0-454B-AE86-45B7298888B3",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "89461FD4-897D-44F1-8486-4BCCDE3772DD",
                     versionEndExcluding: "4.4.5.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F87D851-15BC-4FC1-8AB7-D5C15B2B74F0",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3D46DEC-06AB-489F-A0B5-10C31F80A8C1",
                     versionEndExcluding: "4.4.5.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "871448C6-9183-4828-A287-05F5EC6A44F6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B1826F9-0258-44DD-A471-113CF55CE563",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60657812-D3A8-4B1B-B7BE-F629991CB053",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A559F44-80F8-44B7-B70F-BA0B78C85283",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9EA9DF5D-6651-455A-9305-C42C0FF51F01",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4AB3320-27F8-4359-AEF8-6B1FDBA67111",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "08B9436B-B2FE-4644-BB06-B0537EC23A71",
                     versionEndExcluding: "4.2.7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E33E647-5883-44FA-9915-34B89090D4E4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDBC681E-CD03-49E5-BC3A-E4A7654975A3",
                     versionEndExcluding: "4.3.2.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ABDC93B5-DC0A-4AA4-A340-382F108AE80B",
                     versionEndExcluding: "4.4.3.1",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FF86645-253A-4BA3-BA2A-2725575C390D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "59521C99-00BA-4503-823E-3FEA44F8DDA0",
                     versionEndExcluding: "4.2.7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E644893-0457-43A9-98AB-9DB37A5C415C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7",
                     versionEndExcluding: "4.3.2.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2602941C-255F-4289-9043-D396CC4B3192",
                     versionEndExcluding: "4.4.3.1",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "894E4DDA-D9BE-441D-B447-B1CE52959347",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0549C870-BE10-441A-B07D-0701915E5A9E",
                     versionEndExcluding: "4.3.2.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D1A9825-E419-4740-996A-5928D207FCB6",
                     versionEndExcluding: "4.4.3.1",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD0C9A21-7CFE-452F-8505-834AB8579D9B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "84670562-F228-40A0-A38D-144EA62556D3",
                     versionEndExcluding: "4.3.6.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "282E5318-DAA8-4AA2-8E7D-4B8BD9162153",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1BD8E59-6C67-4C80-B25F-2C5814A8CF0E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DBF2015-9315-44C8-A9FE-E86146F1958E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "43265128-7E8E-4FE2-8488-AC5734A4AF70",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1878E59C-FB40-435D-940A-8952C56FA88B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "52F71B18-89B5-42C7-B4B7-448844D6AFBC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A96F64C0-09DD-4553-AC5F-D722B8321B0D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0978465-D59F-4C0A-A29F-5D7BE58BA557",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2C4077B-C73F-4431-9103-C09960E203E1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "266C73DE-BFC6-4F3E-B022-559B3971CA44",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D081E5D-7A68-47A0-9EFE-1FC01DA2FF23",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C470B04-BD57-429B-80FC-328A7D2E35E5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7536B29C-2030-4331-B8BF-D269D86D199B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A688631-4B36-43CC-AEF8-D390081F01DC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF1B117B-603D-493C-A804-C18ED332A221",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E207BB52-29F8-4F2F-AA06-855B38E22958",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "167336E2-AAA8-4424-AB07-2D7C9E1542B3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD8437FD-65E2-4203-82B9-8FC32444204A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "64955940-3998-4B76-92D1-D9F3FAB874B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL.",
      },
      {
         lang: "es",
         value: "Un problema en los dispositivos DrayTek Vigor310 hasta la versión 4.3.2.6 permite a un atacante obtener información confidencial porque el servidor httpd de la interfaz de administración de Vigor utiliza una cadena estática para inicializar el PRNG de OpenSSL.",
      },
   ],
   id: "CVE-2024-41594",
   lastModified: "2025-03-19T16:15:26.387",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2024-10-03T19:15:04.800",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mitigation",
            "Technical Description",
            "Third Party Advisory",
         ],
         url: "https://www.forescout.com/resources/draybreak-draytek-research/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Broken Link",
         ],
         url: "https://www.forescout.com/resources/draytek14-vulnerabilities",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-326",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-326",
            },
         ],
         source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         type: "Secondary",
      },
   ],
}

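Vulnerability from fkie_nvd
Published: 2024-10-03 19:15
Modified: 2025-03-14 16:15
Summary: DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.
Note: the description names only Vigor3910, but the configurations in the record below also list other models. The first entries are vigor2620_firmware with no version bound (every firmware version marked vulnerable), vigor2915_firmware before 4.4.5.3 and vigor2866_firmware before 4.4.5.2.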



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "289E3E0B-6BA4-44B8-968A-AC374B15B631",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D98663B-F2F5-4ADC-9FD5-75846890EEBA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E6E55BCE-BBF0-454B-AE86-45B7298888B3",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "89461FD4-897D-44F1-8486-4BCCDE3772DD",
                     versionEndExcluding: "4.4.5.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F87D851-15BC-4FC1-8AB7-D5C15B2B74F0",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3D46DEC-06AB-489F-A0B5-10C31F80A8C1",
                     versionEndExcluding: "4.4.5.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "871448C6-9183-4828-A287-05F5EC6A44F6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B1826F9-0258-44DD-A471-113CF55CE563",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60657812-D3A8-4B1B-B7BE-F629991CB053",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A559F44-80F8-44B7-B70F-BA0B78C85283",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9EA9DF5D-6651-455A-9305-C42C0FF51F01",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4AB3320-27F8-4359-AEF8-6B1FDBA67111",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "08B9436B-B2FE-4644-BB06-B0537EC23A71",
                     versionEndExcluding: "4.2.7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E33E647-5883-44FA-9915-34B89090D4E4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDBC681E-CD03-49E5-BC3A-E4A7654975A3",
                     versionEndExcluding: "4.3.2.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ABDC93B5-DC0A-4AA4-A340-382F108AE80B",
                     versionEndExcluding: "4.4.3.1",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FF86645-253A-4BA3-BA2A-2725575C390D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "59521C99-00BA-4503-823E-3FEA44F8DDA0",
                     versionEndExcluding: "4.2.7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E644893-0457-43A9-98AB-9DB37A5C415C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7",
                     versionEndExcluding: "4.3.2.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2602941C-255F-4289-9043-D396CC4B3192",
                     versionEndExcluding: "4.4.3.1",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "894E4DDA-D9BE-441D-B447-B1CE52959347",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0549C870-BE10-441A-B07D-0701915E5A9E",
                     versionEndExcluding: "4.3.2.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D1A9825-E419-4740-996A-5928D207FCB6",
                     versionEndExcluding: "4.4.3.1",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD0C9A21-7CFE-452F-8505-834AB8579D9B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "84670562-F228-40A0-A38D-144EA62556D3",
                     versionEndExcluding: "4.3.6.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "282E5318-DAA8-4AA2-8E7D-4B8BD9162153",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1BD8E59-6C67-4C80-B25F-2C5814A8CF0E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DBF2015-9315-44C8-A9FE-E86146F1958E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "43265128-7E8E-4FE2-8488-AC5734A4AF70",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1878E59C-FB40-435D-940A-8952C56FA88B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "52F71B18-89B5-42C7-B4B7-448844D6AFBC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A96F64C0-09DD-4553-AC5F-D722B8321B0D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0978465-D59F-4C0A-A29F-5D7BE58BA557",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2C4077B-C73F-4431-9103-C09960E203E1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "266C73DE-BFC6-4F3E-B022-559B3971CA44",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D081E5D-7A68-47A0-9EFE-1FC01DA2FF23",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C470B04-BD57-429B-80FC-328A7D2E35E5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7536B29C-2030-4331-B8BF-D269D86D199B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A688631-4B36-43CC-AEF8-D390081F01DC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF1B117B-603D-493C-A804-C18ED332A221",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E207BB52-29F8-4F2F-AA06-855B38E22958",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "167336E2-AAA8-4424-AB07-2D7C9E1542B3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD8437FD-65E2-4203-82B9-8FC32444204A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "64955940-3998-4B76-92D1-D9F3FAB874B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.",
      },
      {
         lang: "es",
         value: "Los dispositivos DrayTek Vigor3910 hasta 4.3.2.6 permiten XSS reflejado basado en DOM no autenticado.",
      },
   ],
   id: "CVE-2024-41591",
   lastModified: "2025-03-14T16:15:34.730",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.7,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2024-10-03T19:15:04.560",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mitigation",
            "Technical Description",
            "Third Party Advisory",
         ],
         url: "https://www.forescout.com/resources/draybreak-draytek-research/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Broken Link",
         ],
         url: "https://www.forescout.com/resources/draytek14-vulnerabilities",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         type: "Secondary",
      },
   ],
}

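Vulnerability from fkie_nvd
Published: 2024-10-03 19:15
Modified: 2025-03-18 16:15
Summary: Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.
Note: the summary text reads "Vigor310", while the configurations below list vigor3910_firmware and other Vigor firmware lines with differing versionEndExcluding values. Match affected devices against the CPE entries rather than the summary.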



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7",
                     versionEndExcluding: "4.3.2.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2602941C-255F-4289-9043-D396CC4B3192",
                     versionEndExcluding: "4.4.3.1",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "894E4DDA-D9BE-441D-B447-B1CE52959347",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "84670562-F228-40A0-A38D-144EA62556D3",
                     versionEndExcluding: "4.3.6.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "282E5318-DAA8-4AA2-8E7D-4B8BD9162153",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0549C870-BE10-441A-B07D-0701915E5A9E",
                     versionEndExcluding: "4.3.2.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D1A9825-E419-4740-996A-5928D207FCB6",
                     versionEndExcluding: "4.4.3.1",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD0C9A21-7CFE-452F-8505-834AB8579D9B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "59521C99-00BA-4503-823E-3FEA44F8DDA0",
                     versionEndExcluding: "4.2.7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E644893-0457-43A9-98AB-9DB37A5C415C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDBC681E-CD03-49E5-BC3A-E4A7654975A3",
                     versionEndExcluding: "4.3.2.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ABDC93B5-DC0A-4AA4-A340-382F108AE80B",
                     versionEndExcluding: "4.4.3.1",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FF86645-253A-4BA3-BA2A-2725575C390D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "08B9436B-B2FE-4644-BB06-B0537EC23A71",
                     versionEndExcluding: "4.2.7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E33E647-5883-44FA-9915-34B89090D4E4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4AB3320-27F8-4359-AEF8-6B1FDBA67111",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A559F44-80F8-44B7-B70F-BA0B78C85283",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9EA9DF5D-6651-455A-9305-C42C0FF51F01",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B1826F9-0258-44DD-A471-113CF55CE563",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60657812-D3A8-4B1B-B7BE-F629991CB053",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3D46DEC-06AB-489F-A0B5-10C31F80A8C1",
                     versionEndExcluding: "4.4.5.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "871448C6-9183-4828-A287-05F5EC6A44F6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F87D851-15BC-4FC1-8AB7-D5C15B2B74F0",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "89461FD4-897D-44F1-8486-4BCCDE3772DD",
                     versionEndExcluding: "4.4.5.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E6E55BCE-BBF0-454B-AE86-45B7298888B3",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "289E3E0B-6BA4-44B8-968A-AC374B15B631",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D98663B-F2F5-4ADC-9FD5-75846890EEBA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1BD8E59-6C67-4C80-B25F-2C5814A8CF0E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DBF2015-9315-44C8-A9FE-E86146F1958E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "43265128-7E8E-4FE2-8488-AC5734A4AF70",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1878E59C-FB40-435D-940A-8952C56FA88B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "52F71B18-89B5-42C7-B4B7-448844D6AFBC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A96F64C0-09DD-4553-AC5F-D722B8321B0D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0978465-D59F-4C0A-A29F-5D7BE58BA557",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2C4077B-C73F-4431-9103-C09960E203E1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "266C73DE-BFC6-4F3E-B022-559B3971CA44",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D081E5D-7A68-47A0-9EFE-1FC01DA2FF23",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C470B04-BD57-429B-80FC-328A7D2E35E5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7536B29C-2030-4331-B8BF-D269D86D199B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A688631-4B36-43CC-AEF8-D390081F01DC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF1B117B-603D-493C-A804-C18ED332A221",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E207BB52-29F8-4F2F-AA06-855B38E22958",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "167336E2-AAA8-4424-AB07-2D7C9E1542B3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD8437FD-65E2-4203-82B9-8FC32444204A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "64955940-3998-4B76-92D1-D9F3FAB874B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.",
      },
      {
         lang: "es",
         value: "El XSS almacenado, por parte de usuarios autenticados, es causado por una mala desinfección del mensaje de saludo de la página de inicio de sesión en los dispositivos DrayTek Vigor310 hasta 4.3.2.6.",
      },
   ],
   id: "CVE-2024-41587",
   lastModified: "2025-03-18T16:15:22.733",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.3,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.3,
            impactScore: 2.7,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2024-10-03T19:15:04.310",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mitigation",
            "Technical Description",
            "Third Party Advisory",
         ],
         url: "https://www.forescout.com/resources/draybreak-draytek-research/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Broken Link",
         ],
         url: "https://www.forescout.com/resources/draytek14-vulnerabilities",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         type: "Secondary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-10-03 19:15
Modified
2025-03-13 19:15
Summary
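DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow. The configuration data below lists further Vigor models as affected, each with its own fixed firmware version, so check the entry for the exact model rather than relying on the Vigor310 version alone; firmware entries that carry no versionEndExcluding bound match every version of that firmware.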



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "84670562-F228-40A0-A38D-144EA62556D3",
                     versionEndExcluding: "4.3.6.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "282E5318-DAA8-4AA2-8E7D-4B8BD9162153",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0549C870-BE10-441A-B07D-0701915E5A9E",
                     versionEndExcluding: "4.3.2.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D1A9825-E419-4740-996A-5928D207FCB6",
                     versionEndExcluding: "4.4.3.1",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD0C9A21-7CFE-452F-8505-834AB8579D9B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7",
                     versionEndExcluding: "4.3.2.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2602941C-255F-4289-9043-D396CC4B3192",
                     versionEndExcluding: "4.4.3.1",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "894E4DDA-D9BE-441D-B447-B1CE52959347",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "59521C99-00BA-4503-823E-3FEA44F8DDA0",
                     versionEndExcluding: "4.2.7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E644893-0457-43A9-98AB-9DB37A5C415C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDBC681E-CD03-49E5-BC3A-E4A7654975A3",
                     versionEndExcluding: "4.3.2.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ABDC93B5-DC0A-4AA4-A340-382F108AE80B",
                     versionEndExcluding: "4.4.3.1",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FF86645-253A-4BA3-BA2A-2725575C390D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "08B9436B-B2FE-4644-BB06-B0537EC23A71",
                     versionEndExcluding: "4.2.7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E33E647-5883-44FA-9915-34B89090D4E4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4AB3320-27F8-4359-AEF8-6B1FDBA67111",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A559F44-80F8-44B7-B70F-BA0B78C85283",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9EA9DF5D-6651-455A-9305-C42C0FF51F01",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B1826F9-0258-44DD-A471-113CF55CE563",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60657812-D3A8-4B1B-B7BE-F629991CB053",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3D46DEC-06AB-489F-A0B5-10C31F80A8C1",
                     versionEndExcluding: "4.4.5.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "871448C6-9183-4828-A287-05F5EC6A44F6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F87D851-15BC-4FC1-8AB7-D5C15B2B74F0",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "89461FD4-897D-44F1-8486-4BCCDE3772DD",
                     versionEndExcluding: "4.4.5.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E6E55BCE-BBF0-454B-AE86-45B7298888B3",
                     versionEndExcluding: "4.4.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "289E3E0B-6BA4-44B8-968A-AC374B15B631",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D98663B-F2F5-4ADC-9FD5-75846890EEBA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1BD8E59-6C67-4C80-B25F-2C5814A8CF0E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DBF2015-9315-44C8-A9FE-E86146F1958E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "43265128-7E8E-4FE2-8488-AC5734A4AF70",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1878E59C-FB40-435D-940A-8952C56FA88B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "52F71B18-89B5-42C7-B4B7-448844D6AFBC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A96F64C0-09DD-4553-AC5F-D722B8321B0D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0978465-D59F-4C0A-A29F-5D7BE58BA557",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2C4077B-C73F-4431-9103-C09960E203E1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "266C73DE-BFC6-4F3E-B022-559B3971CA44",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D081E5D-7A68-47A0-9EFE-1FC01DA2FF23",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C470B04-BD57-429B-80FC-328A7D2E35E5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7536B29C-2030-4331-B8BF-D269D86D199B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A688631-4B36-43CC-AEF8-D390081F01DC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF1B117B-603D-493C-A804-C18ED332A221",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E207BB52-29F8-4F2F-AA06-855B38E22958",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "167336E2-AAA8-4424-AB07-2D7C9E1542B3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD8437FD-65E2-4203-82B9-8FC32444204A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "64955940-3998-4B76-92D1-D9F3FAB874B4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte value is sign-extended when it is used as the length argument of a _memcpy call, leading to a heap-based buffer overflow.",
      },
      {
         lang: "es",
         value: "Los dispositivos DrayTek Vigor310 hasta 4.3.2.6 permiten a un atacante remoto ejecutar código arbitrario a través de la función ft_payload_dns(), porque se produce una operación de extensión de signo de byte para el argumento de longitud de una llamada _memcpy, lo que lleva a un desbordamiento de búfer basado en el montón.",
      },
   ],
   id: "CVE-2024-41593",
   lastModified: "2025-03-13T19:15:47.260",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2024-10-03T19:15:04.740",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mitigation",
            "Technical Description",
            "Third Party Advisory",
         ],
         url: "https://www.forescout.com/resources/draybreak-draytek-research/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Broken Link",
         ],
         url: "https://www.forescout.com/resources/draytek14-vulnerabilities",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         type: "Secondary",
      },
   ],
}