Vulnerabilites related to draytek - vigor2765ax_firmware
cve-2023-33778
Vulnerability from cvelistv5
Published
2023-06-01 00:00
Modified
2025-01-09 17:24
Severity ?
EPSS score ?
Summary
Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their own account. Attackers are then able to create WCF and DrayDDNS licenses and synchronize them from the website.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:47:06.496Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-33778", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-09T17:24:27.672008Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-798", description: "CWE-798 Use of Hard-coded Credentials", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-09T17:24:35.184Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their own account. Attackers are then able to create WCF and DrayDDNS licenses and synchronize them from the website.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-01T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-33778", datePublished: "2023-06-01T00:00:00", dateReserved: "2023-05-22T00:00:00", dateUpdated: "2025-01-09T17:24:35.184Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-23313
Vulnerability from cvelistv5
Published
2023-03-03 00:00
Modified
2025-03-07 16:33
Severity ?
EPSS score ?
Summary
Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal. This affects Vigor3910, Vigor1000B, Vigor2962 v4.3.2.1; Vigor2865 and Vigor2866 v4.4.1.0; Vigor2927 v4.4.2.2; and Vigor2915, Vigor2765, Vigor2766, Vigor2135 v4.4.2.0; Vigor2763 v4.4.2.1; Vigor2862 and Vigor2926 v3.9.9.0; Vigor2925 v3.9.3; Vigor2952 and Vigor3220 v3.9.7.3; Vigor2133 and Vigor2762 v3.9.6.4; and Vigor2832 v3.9.6.2.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:28:40.675Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.draytek.com/about/security-advisory/cross-site-scripting-vulnerability-%28cve-2023-23313%29/", }, { tags: [ "x_transferred", ], url: "https://www.horizonconsulting.com/advisories23-Multiple-XSS-Stored-in-DrayTek-routers-CVE-2023-23313", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-23313", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-07T16:32:55.557112Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-07T16:33:57.302Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal. This affects Vigor3910, Vigor1000B, Vigor2962 v4.3.2.1; Vigor2865 and Vigor2866 v4.4.1.0; Vigor2927 v4.4.2.2; and Vigor2915, Vigor2765, Vigor2766, Vigor2135 v4.4.2.0; Vigor2763 v4.4.2.1; Vigor2862 and Vigor2926 v3.9.9.0; Vigor2925 v3.9.3; Vigor2952 and Vigor3220 v3.9.7.3; Vigor2133 and Vigor2762 v3.9.6.4; and Vigor2832 v3.9.6.2.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-19T00:00:00.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.draytek.com/about/security-advisory/cross-site-scripting-vulnerability-%28cve-2023-23313%29/", }, { url: "https://www.horizonconsulting.com/advisories23-Multiple-XSS-Stored-in-DrayTek-routers-CVE-2023-23313", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-23313", datePublished: "2023-03-03T00:00:00.000Z", dateReserved: "2023-01-11T00:00:00.000Z", dateUpdated: "2025-03-07T16:33:57.302Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2023-03-03 22:15
Modified
2025-03-07 17:15
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal. This affects Vigor3910, Vigor1000B, Vigor2962 v4.3.2.1; Vigor2865 and Vigor2866 v4.4.1.0; Vigor2927 v4.4.2.2; and Vigor2915, Vigor2765, Vigor2766, Vigor2135 v4.4.2.0; Vigor2763 v4.4.2.1; Vigor2862 and Vigor2926 v3.9.9.0; Vigor2925 v3.9.3; Vigor2952 and Vigor3220 v3.9.7.3; Vigor2133 and Vigor2762 v3.9.6.4; and Vigor2832 v3.9.6.2.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C69AB3BE-7E50-4315-AB58-C33C49E8BB30", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*", matchCriteriaId: "266C73DE-BFC6-4F3E-B022-559B3971CA44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2860n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "12F8DFDE-A5B0-44C2-ABAF-109058B56134", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2860n:-:*:*:*:*:*:*:*", matchCriteriaId: "499BAE46-109A-4BD5-BFBD-9EB8FD824196", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2860n-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A0B678C-D666-4225-8756-727BFC699284", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2860n-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "896A175A-89F5-4120-A181-C300FE0C5DF8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2860vn-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B7D5E6C-F079-422F-B18F-22E8D82D37F5", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2860vn-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "BFFB93AF-0BD9-499C-AC77-E5B78D2FF51C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2860ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11C4E10B-0C86-4103-87C4-E9154014ECBD", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2860ac:-:*:*:*:*:*:*:*", matchCriteriaId: "BED772E6-7A3B-44DA-B0AE-6EDB09C646B6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2860vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "594D3E56-7A7C-4A17-8BE9-DC08C6AB2662", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2860vac:-:*:*:*:*:*:*:*", matchCriteriaId: "997B7B3F-F81A-4644-BB79-8DC79E6ADD0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2860l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C90047D4-532C-4B75-BACC-CBCC77F82361", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2860l:-:*:*:*:*:*:*:*", matchCriteriaId: "5437856D-50E6-497E-AE7E-15C3D8F2CD41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2860ln_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "178EE86C-DE2A-42EB-B27E-CC6615BB8618", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2860ln:-:*:*:*:*:*:*:*", matchCriteriaId: "4DE2B9AA-B33E-4689-8765-56603FA3A5EF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F4E9EBB3-C5D0-41DC-93F4-9BBCE183A1B0", versionEndExcluding: "3.9.6.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*", matchCriteriaId: "B0978465-D59F-4C0A-A29F-5D7BE58BA557", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2832n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E3C1158-B7E0-4B14-ACB8-11C9D080C6E1", versionEndExcluding: "3.9.6.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2832n:-:*:*:*:*:*:*:*", matchCriteriaId: "B22E55C6-F71F-4EA7-B679-895A012B7020", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D205DD2E-3787-4345-BE2D-639E4576E4F2", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*", matchCriteriaId: "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1405F9A0-3D26-4412-8ADE-FBAD8215A860", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766ax:-:*:*:*:*:*:*:*", matchCriteriaId: "4B3D0E87-A5A2-4828-A79D-DB10FE6BC4D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "65B95391-36FA-43EB-BFB5-7F6E66FE2161", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766ac:-:*:*:*:*:*:*:*", matchCriteriaId: "787134FE-0549-427D-A9CE-32B1C58BC954", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95026A20-EB1B-49F4-ADBE-7CD3094C9E92", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766vac:-:*:*:*:*:*:*:*", matchCriteriaId: "228DC583-B6BC-4948-A167-53C49B6D04B2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1FA8A23-F2A8-4EBE-ACEE-99C3879C8AC7", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*", matchCriteriaId: "60657812-D3A8-4B1B-B7BE-F629991CB053", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "849F90B6-C7AE-437E-8A47-56A64C43EBD9", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765ax:-:*:*:*:*:*:*:*", matchCriteriaId: "F653097B-9197-43A9-A9B4-8AA6EAFC5666", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "60411E51-9FE5-415F-A5A7-B392B69AFD4C", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765ac:-:*:*:*:*:*:*:*", matchCriteriaId: "F1B9AF22-089B-41FB-8E30-BED3E4CE32ED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765va_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1DAF2A5-0129-42F3-9157-6D8CEA3B808F", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765va:-:*:*:*:*:*:*:*", matchCriteriaId: "BA2C3E48-B40E-4E2D-BA7E-111FA3CC5ADA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DEA4A96F-598F-46F6-B634-E34683D72C34", versionEndExcluding: "4.4.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*", matchCriteriaId: "9EA9DF5D-6651-455A-9305-C42C0FF51F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2763ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDB9FADB-2C06-40C9-A895-C5396F9B3BC0", versionEndExcluding: "4.4.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2763ac:-:*:*:*:*:*:*:*", matchCriteriaId: "BC9BF014-B8EA-4DD9-8320-627C3D276596", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "247A0B24-5A88-42A1-A54E-566530CE599A", versionEndExcluding: "3.9.6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*", matchCriteriaId: "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2762n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4FE71C5B-EEE1-4903-96A2-47D2B318E6DA", versionEndExcluding: "3.9.6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2762n:-:*:*:*:*:*:*:*", matchCriteriaId: "47B532B5-386F-4C4C-8554-C73409124306", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2762ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5BC3CD7-1876-45FE-9BB2-37BE9CCC7D8C", versionEndExcluding: "3.9.6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2762ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEA5BFB-5D2F-44B2-B995-0675243264CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2762vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "125E3846-5419-474E-B6C7-D407239B43FD", versionEndExcluding: "3.9.6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2762vac:-:*:*:*:*:*:*:*", matchCriteriaId: "1F97B07D-BC53-42A4-BBA3-D9CF5D474C9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED11EF06-B83B-410C-A2D1-0841CF25F61F", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*", matchCriteriaId: "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4003BBE0-09BA-46D0-9683-3855E5F0AAD9", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135ax:-:*:*:*:*:*:*:*", matchCriteriaId: "9C37EA55-2526-4130-A57C-65950A5DFE57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A16548F6-3D21-4875-B462-FDC5AF9A642A", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135ac:-:*:*:*:*:*:*:*", matchCriteriaId: "77D227B7-1121-4657-A621-AF0C0E766D90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "06507A17-10FC-42CF-A81B-DC5BA7575CFF", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135vac:-:*:*:*:*:*:*:*", matchCriteriaId: "AAC1C9BE-31B5-47DD-BE09-0984EE29A957", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135fvac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D86329F8-FF42-4477-BE57-A0B25AAB5FBB", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135fvac:-:*:*:*:*:*:*:*", matchCriteriaId: "625DE418-F506-4579-9C25-04DCD0FBC7ED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "064DB573-532E-418B-BAED-78AA19B0CADA", versionEndExcluding: "3.9.6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*", matchCriteriaId: "1878E59C-FB40-435D-940A-8952C56FA88B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27258517-C97A-4A9E-AD0A-D27E49E7C39F", versionEndExcluding: "3.9.6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133n:-:*:*:*:*:*:*:*", matchCriteriaId: "A3F57E3F-8FFB-4A48-8BFD-5245D1EF2B80", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F1039C4-B2E1-48E2-A177-372B6285C6D9", versionEndExcluding: "3.9.6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133ac:-:*:*:*:*:*:*:*", matchCriteriaId: "196CE92C-805E-4B6A-8EA8-7A49515FB617", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D5D3D2B2-8BD4-4654-A801-04E999CC28C8", versionEndExcluding: "3.9.6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133vac:-:*:*:*:*:*:*:*", matchCriteriaId: "4B81C46C-C837-4C10-AE7F-9E98A1A9E15C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133fvac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A877CD3-16CA-4461-8D1B-A56E242B2B09", versionEndExcluding: "3.9.6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133fvac:-:*:*:*:*:*:*:*", matchCriteriaId: "C1999AE2-3E6E-4D18-8FF1-D2A853B5975F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1ADA571-2AA2-46FC-8B0D-74E44C4AE4CF", versionEndExcluding: "4.2.4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*", matchCriteriaId: "7E33E647-5883-44FA-9915-34B89090D4E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84121576-0E77-4CFB-9C9B-3ABCA7CAC0B8", versionEndExcluding: "4.2.4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*", matchCriteriaId: "8E644893-0457-43A9-98AB-9DB37A5C415C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C20E7E09-4B2A-4134-B7AB-78EE38FB2001", versionEndExcluding: "3.8.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor130:-:*:*:*:*:*:*:*", matchCriteriaId: "D7194998-2D96-43DE-85B6-35A8E474C695", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigornic_132_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6062FBA9-6034-44E2-BD4F-1F06BDD291B2", versionEndExcluding: "3.8.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigornic_132:-:*:*:*:*:*:*:*", matchCriteriaId: "B523DCD7-27FA-4376-BB96-A9C8CD39C4B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor3910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A5DB539-227A-4AAD-A853-D6A88ADAD510", versionEndExcluding: "4.3.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor3910:-:*:*:*:*:*:*:*", matchCriteriaId: "82F03C0D-CCD6-49DA-83DA-54C861551C17", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor3220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99B2A2D0-C7EB-4108-97A4-9D97C9EE63E7", versionEndExcluding: "3.9.7.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor3220:-:*:*:*:*:*:*:*", matchCriteriaId: "D4A5F144-CB45-472D-8E20-5A04471AD2F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2962_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "40A252DC-0DC7-4F8A-8E3D-20F08D1CFC8C", versionEndExcluding: "4.3.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2962:-:*:*:*:*:*:*:*", matchCriteriaId: "7F9D2786-6228-4AFC-835B-D64AB6116630", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2962p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C43C95A-752D-46C0-B79B-4F45D05C6F62", versionEndExcluding: "4.3.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2962p:-:*:*:*:*:*:*:*", matchCriteriaId: "BCDB3A87-7A61-4BB9-9D35-DF1588FFD21C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor1000b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF628882-657A-4417-9664-4A73975E0961", versionEndExcluding: "4.3.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor1000b:-:*:*:*:*:*:*:*", matchCriteriaId: "D5296C5E-0057-4504-8E18-56A0623F0A82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2952_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5E8EBA6-1221-4FE7-84DE-DFA92E5C7FD0", versionEndExcluding: "3.9.7.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2952:-:*:*:*:*:*:*:*", matchCriteriaId: "53EDEDCA-1623-454D-972D-C44A01554702", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2952p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5DC5397C-A77D-458A-B599-849283E665D4", versionEndExcluding: "3.9.7.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2952p:-:*:*:*:*:*:*:*", matchCriteriaId: "A76B7DCB-87B3-48C6-92FE-8C85E7B27CB7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2927_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6E6E369-1A34-4289-89B6-E91E82AB9E46", versionEndExcluding: "4.4.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2927:-:*:*:*:*:*:*:*", matchCriteriaId: "EC44B279-5873-43B7-81FE-74249229B099", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2927ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "65BDC4C4-8EDC-42E9-B271-14735F65C2B3", versionEndExcluding: "4.4.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2927ax:-:*:*:*:*:*:*:*", matchCriteriaId: "53101711-7D2A-4C3E-947F-390E266691C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2927ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D2A696E5-AAF2-4191-B4FD-34CCCFD2A296", versionEndExcluding: "4.4.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2927ac:-:*:*:*:*:*:*:*", matchCriteriaId: "00807E08-CA52-4F54-9973-3040DB31B69B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2927vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53F4A065-081B-4C41-B908-B1E1AF183708", versionEndExcluding: "4.4.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2927vac:-:*:*:*:*:*:*:*", matchCriteriaId: "8B0639DA-FFC8-4836-9582-837E85C25D7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2927f_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25E5D1FF-8265-4387-9F9A-E036EF35B8C2", versionEndExcluding: "4.4.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2927f:-:*:*:*:*:*:*:*", matchCriteriaId: "E46C5FA7-B751-4567-B88D-2516F6601F26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2927l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9113CCB6-B005-4F8E-8A63-4253781B56B5", versionEndExcluding: "4.4.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2927l:-:*:*:*:*:*:*:*", matchCriteriaId: "7C180295-BD70-42B3-8F94-937E546DF684", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2927lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53A600B6-8382-4C31-B9E8-DB4D0AC64E64", versionEndExcluding: "4.4.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2927lac:-:*:*:*:*:*:*:*", matchCriteriaId: "1905D290-A2CD-4E89-8871-E2B868A4706B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2926_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F51AFB18-4BC7-4520-A946-512D32018A48", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2926:-:*:*:*:*:*:*:*", matchCriteriaId: "E88E14F7-49FD-4C7C-A464-1472F83C02EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2926n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "355C3BC9-3E08-412C-9BF1-272BE1164B04", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2926n:-:*:*:*:*:*:*:*", matchCriteriaId: "4F710B59-2FD4-4248-AD49-E2AA2A55E60F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2926ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "13DADABC-446E-40AD-8DB1-25677CEFCC40", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2926ac:-:*:*:*:*:*:*:*", matchCriteriaId: "8CF45B8C-D9C5-4898-9672-01505598538D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2926vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "39423B29-38C5-4907-BAA7-D5F8E5CAD41A", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2926vac:-:*:*:*:*:*:*:*", matchCriteriaId: "F096A7D2-5D76-4E6E-B008-4ADE281F76B6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2926l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1640446B-A0D7-4C84-9917-7C3729C1EC17", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2926l:-:*:*:*:*:*:*:*", matchCriteriaId: "F652A445-B22C-4CF0-98A0-F28622FC5B18", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2926ln_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18979C33-41FC-40FD-9647-180B46ACF28F", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2926ln:-:*:*:*:*:*:*:*", matchCriteriaId: "F12F1783-00AE-46AD-A5C6-684C9DC86685", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2926lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34898CE3-AFB0-4473-8198-A28E5C2199B0", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2926lac:-:*:*:*:*:*:*:*", matchCriteriaId: "451679D5-B1A5-4985-A4FC-E2690B773BD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2925_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A1F5282-0213-434F-B4FA-B26C0408CC12", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2925:-:*:*:*:*:*:*:*", matchCriteriaId: "EEC6EF57-5F16-4D45-851C-E36E91FAD065", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2925n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2672643C-495C-429F-80BC-6F1C52455A05", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2925n:-:*:*:*:*:*:*:*", matchCriteriaId: "80CF03F7-AF76-4868-BCB7-AF1E113BAAFA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2925n-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B0DFB22C-6888-417D-AD46-23CE9F902D97", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2925n-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "F3BC8600-C739-4E4B-8088-A8A7DCDD89B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2925vn-plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA20CC1D-476B-4901-B659-97326A02D6BD", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2925vn-plus:-:*:*:*:*:*:*:*", matchCriteriaId: "A7720BC2-0677-4651-87F0-60477FDAE7CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2925ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "26DEA194-4872-4C8C-9DBB-668841F729D2", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2925ac:-:*:*:*:*:*:*:*", matchCriteriaId: "C8D94A36-58AB-482C-B246-DA0C4AB22845", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2925vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A88E3963-3A90-486E-AF8C-CC2FD1A4CB90", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2925vac:-:*:*:*:*:*:*:*", matchCriteriaId: "B166193F-41B7-4233-857E-F2AF0A588F38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2925fn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1AB1D035-AF79-4823-95A5-FC3E24552327", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2925fn:-:*:*:*:*:*:*:*", matchCriteriaId: "CEEEDB58-2691-4996-B0EE-B6A1B37F7B4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2925l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A27F20A0-227B-4E13-87A5-FC3A58B3B4E6", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2925l:-:*:*:*:*:*:*:*", matchCriteriaId: "DE06F34D-6E06-4159-99D6-96A3EC4D9CA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2925ln_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1BCFDDA8-DBC1-44D1-8B61-1F0CEAE8E28A", versionEndExcluding: "3.9.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2925ln:-:*:*:*:*:*:*:*", matchCriteriaId: "BCF4FF06-20A1-48A5-B4C1-82CD988CFE0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2915_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1DD6F695-46C6-4370-92D4-D85F7889FFA0", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2915:-:*:*:*:*:*:*:*", matchCriteriaId: "2C801847-E96C-4A5C-BB2A-D0F7412AF426", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2915ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F30B1859-3EDE-4807-90D0-4F08E10CE15A", versionEndExcluding: "4.4.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2915ac:-:*:*:*:*:*:*:*", matchCriteriaId: "9CC39403-D69A-463A-BC36-01A346F39563", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2866_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E3E4D76E-C5F3-47C1-9C02-73CAD9536C14", versionEndExcluding: "4.4.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2866:-:*:*:*:*:*:*:*", matchCriteriaId: "916E22AD-6E90-4799-97C1-9B6076BF8692", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2866ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC62E66F-46B0-413C-8563-561F4FE3C5F8", versionEndExcluding: "4.4.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2866ax:-:*:*:*:*:*:*:*", matchCriteriaId: "CA51BF57-FE52-4050-AD5A-FE755FE8E304", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2866ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5CE07C9E-3CA2-494B-AE45-CAAD2CE7C61D", versionEndExcluding: "4.4.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2866ac:-:*:*:*:*:*:*:*", matchCriteriaId: "E5CD2EEE-3586-49C6-97CC-A6C35F832A16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2866vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9A552DF1-0F67-47A3-962D-8C6691F51B85", versionEndExcluding: "4.4.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2866vac:-:*:*:*:*:*:*:*", matchCriteriaId: "1716A531-93C4-44EA-BBF1-10AC412D70FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2866l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754F101F-CD17-49FC-BB78-B2A25BA814A8", versionEndExcluding: "4.4.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2866l:-:*:*:*:*:*:*:*", matchCriteriaId: "8B5C20CF-9216-45B4-82EC-02D0C3890C7E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2866lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2FDF5FFF-C18D-4687-B67C-9474B1914B2B", versionEndExcluding: "4.4.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2866lac:-:*:*:*:*:*:*:*", matchCriteriaId: "4A121B16-E31F-4A8B-8B22-D1D29DF0CC08", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2865_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F144A7E6-671C-4C42-867F-90019C497626", versionEndExcluding: "4.4.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2865:-:*:*:*:*:*:*:*", matchCriteriaId: "48FB2C00-1224-4089-90EC-096E9B6B7D59", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2865ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5E63877-6C2E-4DBF-A674-E85DA536C763", versionEndExcluding: "4.4.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2865ax:-:*:*:*:*:*:*:*", matchCriteriaId: "AEB2B256-D66A-4FCB-9BCD-859207396597", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2865ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4EFAF008-4AA1-487B-BECE-A6EB3217F541", versionEndExcluding: "4.4.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2865ac:-:*:*:*:*:*:*:*", matchCriteriaId: "34F29220-4011-4E6A-9BD1-5D4BF2A6E30F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2865vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E460D9A5-52D2-4DC8-8D8A-B241AA8967C8", versionEndExcluding: "4.4.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2865vac:-:*:*:*:*:*:*:*", matchCriteriaId: "A41FDE27-CF79-4D24-8750-5F3404D0F7DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2865l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6DEA3DED-9CA8-4DBD-8225-4BED2A8163E4", versionEndExcluding: "4.4.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2865l:-:*:*:*:*:*:*:*", matchCriteriaId: "8C7BEA7A-90E2-401E-90CA-531413DDB52E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2865lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "453FC249-363F-4A07-BFFE-90FBE947DCD9", versionEndExcluding: "4.4.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2865lac:-:*:*:*:*:*:*:*", matchCriteriaId: "B9256371-2614-4EEC-A3D7-5F3BB640CE65", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2862_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "97F0BFDD-2741-4199-A7D1-B1D8207C4854", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2862:-:*:*:*:*:*:*:*", matchCriteriaId: "64FC405E-AE73-4BDE-8AD3-3C9A5114E09C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2862n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84D980BE-6B26-4253-9841-1CFBA2E8640B", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2862n:-:*:*:*:*:*:*:*", matchCriteriaId: "99A79B15-EE49-49A9-B73D-2144BD1D0576", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2862ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "301DE6C8-72CE-4065-89DC-973C16DDBE5D", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2862ac:-:*:*:*:*:*:*:*", matchCriteriaId: "6D7DA0D3-B58F-47C6-9129-405F343D7B6E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2862vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E484FF9C-AD68-4F82-8DC3-BBB660C6F0C9", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2862vac:-:*:*:*:*:*:*:*", matchCriteriaId: "E4625E2E-9266-4EAA-9A1A-CECE2F13621A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2862b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "917E51E4-5E83-47E3-BF92-E40F923F4B98", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2862b:-:*:*:*:*:*:*:*", matchCriteriaId: "7D69821B-8B5E-4524-8BD6-18F8C08C50E1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2862bn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D460BD2D-F9C7-4D58-9542-AAAC1A414941", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2862bn:-:*:*:*:*:*:*:*", matchCriteriaId: "0B94EF99-BC59-4854-B2F1-40F9C95C6615", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2862l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "98FA8473-6FF6-4D71-9862-464291C664E5", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2862l:-:*:*:*:*:*:*:*", matchCriteriaId: "CA6D5FD5-10A9-4789-B9F9-B001F0EB6F73", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2862ln_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6468CE20-2725-410D-8BD2-37CEC1C7D5CF", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2862ln:-:*:*:*:*:*:*:*", matchCriteriaId: "A6AB1EBB-3ACD-44D1-A161-7FE30151EC30", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:virgor2862lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "733009ED-C49D-4C6E-AE9E-9C3257E442D9", versionEndExcluding: "3.9.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:virgor2862lac:-:*:*:*:*:*:*:*", matchCriteriaId: "659DCBC2-EF52-4EC5-BA5B-CD7E9D7B8221", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal. This affects Vigor3910, Vigor1000B, Vigor2962 v4.3.2.1; Vigor2865 and Vigor2866 v4.4.1.0; Vigor2927 v4.4.2.2; and Vigor2915, Vigor2765, Vigor2766, Vigor2135 v4.4.2.0; Vigor2763 v4.4.2.1; Vigor2862 and Vigor2926 v3.9.9.0; Vigor2925 v3.9.3; Vigor2952 and Vigor3220 v3.9.7.3; Vigor2133 and Vigor2762 v3.9.6.4; and Vigor2832 v3.9.6.2.", }, ], id: "CVE-2023-23313", lastModified: "2025-03-07T17:15:16.473", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-03-03T22:15:09.690", references: [ { source: "cve@mitre.org", url: "https://www.draytek.com/about/security-advisory/cross-site-scripting-vulnerability-%28cve-2023-23313%29/", }, { source: "cve@mitre.org", url: "https://www.horizonconsulting.com/advisories23-Multiple-XSS-Stored-in-DrayTek-routers-CVE-2023-23313", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.draytek.com/about/security-advisory/cross-site-scripting-vulnerability-%28cve-2023-23313%29/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.horizonconsulting.com/advisories23-Multiple-XSS-Stored-in-DrayTek-routers-CVE-2023-23313", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-01 04:15
Modified
2025-01-09 18:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their own account. Attackers are then able to create WCF and DrayDDNS licenses and synchronize them from the website.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:draytek:myvigor:*:*:*:*:*:*:*:*", matchCriteriaId: "FB9A5891-1058-42FE-8D36-987E967D5481", versionEndExcluding: "2.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_pq2200xb_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BCB0DEE3-60C3-49F8-9A6C-47826AFF388D", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_pq2200xb:-:*:*:*:*:*:*:*", matchCriteriaId: "5A822A86-C784-4AED-B367-4D39609D93E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_pq2121x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "35B88F62-BC7C-47AA-80F3-3BEDB0D5E5EA", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_pq2121x:-:*:*:*:*:*:*:*", matchCriteriaId: "DB7AFBE0-9E98-4B46-9517-B73509F5944D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_p2540xs_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FA6D7E6-EAD4-45E6-A1CB-4E5CF2543564", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_p2540xs:-:*:*:*:*:*:*:*", matchCriteriaId: "77DCACA0-BA44-4691-BAAD-828C54898FBB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_p2280x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6D6F173D-4339-4842-AC62-5E4C488D6067", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_p2280x:-:*:*:*:*:*:*:*", matchCriteriaId: "FE6602CA-744E-4543-9818-75FC57E83280", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_p2100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DAB8B117-8605-4C4E-990E-7DE09DF79738", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_p2100:-:*:*:*:*:*:*:*", matchCriteriaId: "8DE4BB0C-0419-4A24-9C79-4642DBF22A9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_q2200x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F0604938-0253-466F-914D-300590C82AB1", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_q2200x:-:*:*:*:*:*:*:*", matchCriteriaId: "AC2E8256-45B6-4CDC-A2A8-60303773F149", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_q2121x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1BABC689-A27B-43C3-B402-2CFF1AFF0012", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_q2121x:-:*:*:*:*:*:*:*", matchCriteriaId: "19676250-FC97-4476-9A26-304DC8E4B872", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_g2540xs_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FF46332-4269-48FE-8D27-F0642FD08A75", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_g2540xs:-:*:*:*:*:*:*:*", matchCriteriaId: "CBFCBF8D-3FCA-4B17-9337-4BD621372F23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_g2280x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A90A385E-F817-42D4-BB1B-AF37DE3C9491", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_g2280x:-:*:*:*:*:*:*:*", matchCriteriaId: "3586D962-114E-4CD4-B6D2-8B031BBB01B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_g2121_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1C04F98D-5668-4398-8D8B-4CE9340F20A1", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_g2121:-:*:*:*:*:*:*:*", matchCriteriaId: "25451714-5AE6-43C7-B1CC-A2ED2486E402", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_g2100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F86A2C16-44BF-4C7F-A8C5-B03CEBC88CE8", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_g2100:-:*:*:*:*:*:*:*", matchCriteriaId: "8724DACC-85AC-4047-8960-27FCF58C5BF9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_fx2120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D70A4480-2C9E-4662-8612-23F66A649BA7", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_fx2120:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9B1A57-A45D-4EA3-B76B-C0F6FEB92316", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_p1282_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0983154F-C4BC-413F-B020-085E83D5BB44", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_p1282:-:*:*:*:*:*:*:*", matchCriteriaId: "65373D8B-0DA8-4539-9E63-DBBDF493508E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_g1282_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "632A1555-3550-456B-8ED8-49E5929CE38E", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_g1282:-:*:*:*:*:*:*:*", matchCriteriaId: "8110E6A8-E30A-4D4B-9210-0FE5F9C0F27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_g1085_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D3F580E9-2A0E-47E9-9C4B-2B971376C7EC", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_g1085:-:*:*:*:*:*:*:*", matchCriteriaId: "B61C56D2-6A25-4AF5-95E3-2AFE3E4A33F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorswitch_g1080_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0B400A32-0E46-4AAC-930F-D73A639C85DA", versionEndExcluding: "2.6.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorswitch_g1080:-:*:*:*:*:*:*:*", matchCriteriaId: "2498876A-CDF4-423A-93C1-7337231D25E2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorap_903_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9BD0C4-5E5F-4E86-89F8-15821EC9618F", versionEndExcluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorap_903:-:*:*:*:*:*:*:*", matchCriteriaId: "D793F78F-1A6C-47AC-9F17-877DA0C6DD7D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorap_912c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "13FEC077-B0A0-4F87-A113-D0131946C358", versionEndExcluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorap_912c:-:*:*:*:*:*:*:*", matchCriteriaId: "F2052075-C2C4-4462-96B7-E3C448B81AD7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorap_918r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A02352-B3C3-4A92-822B-9B458CB03EAC", versionEndExcluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorap_918r:-:*:*:*:*:*:*:*", matchCriteriaId: "257B6270-8551-4E08-8A04-E8D575407EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorap_1060c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C5783487-C7E1-4E14-B37F-EB4E5A68669B", versionEndExcluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorap_1060c:-:*:*:*:*:*:*:*", matchCriteriaId: "E73D31F1-2CAA-4837-BC3D-FD4160873334", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorap_906_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5873909E-F741-4139-A29A-DF8D79CA330D", versionEndExcluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorap_906:-:*:*:*:*:*:*:*", matchCriteriaId: "8015A1DA-A1B4-4EBC-98AC-941583EF8E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorap_960c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79C369C7-16EA-42CC-9E96-9D868977B632", versionEndExcluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorap_960c:-:*:*:*:*:*:*:*", matchCriteriaId: "9D0A4172-5FC4-4925-8BDD-A903FC31AFA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorap_1000c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E379F3EF-6789-4897-9B33-EAB954114571", versionEndExcluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorap_1000c:-:*:*:*:*:*:*:*", matchCriteriaId: "E93E754E-F8F5-4E77-8ED1-BFA34C26C2F1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11182C9F-B2A1-4AE2-9983-6AC3DB8DE372", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2766ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "10586770-1426-435D-8137-2486A2843219", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766ac:-:*:*:*:*:*:*:*", matchCriteriaId: "787134FE-0549-427D-A9CE-32B1C58BC954", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8919EE4B-349B-435A-8E9C-A4C24504AF02", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2766ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C23468E0-F84F-4FAD-8CA0-0A66E0C3D5C0", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766ax:-:*:*:*:*:*:*:*", matchCriteriaId: "4B3D0E87-A5A2-4828-A79D-DB10FE6BC4D2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF64120-5611-41D1-ADC0-2C8F4522A205", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2766vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFC418D6-76FF-4208-B649-9650E572B750", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766vac:-:*:*:*:*:*:*:*", matchCriteriaId: "228DC583-B6BC-4948-A167-53C49B6D04B2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "68D1D724-D590-49FE-A301-C493FA4E50C3", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2765ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E3E66C-815B-4DAE-9A38-DD8C583A4DF5", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765ax:-:*:*:*:*:*:*:*", matchCriteriaId: "F653097B-9197-43A9-A9B4-8AA6EAFC5666", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99D00C6D-2DCA-4737-9652-D576585ED712", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2765vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E8B0DC03-200A-4DE1-93C8-F46698E3C4B0", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765vac:-:*:*:*:*:*:*:*", matchCriteriaId: "7A582D29-85D9-4FC3-B88A-42B947B9D18C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47866545-C9BF-4FCA-ADCA-ED2E44FC4097", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2765ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "076A3429-8E00-419F-96D0-40917CEDC328", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765ac:-:*:*:*:*:*:*:*", matchCriteriaId: "F1B9AF22-089B-41FB-8E30-BED3E4CE32ED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2763ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFF9F139-1975-4EE2-93E5-A22A1C9DEEA7", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2763ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "37B22541-27CF-488D-A35B-6E8EB3FD1958", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2763ac:-:*:*:*:*:*:*:*", matchCriteriaId: "BC9BF014-B8EA-4DD9-8320-627C3D276596", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2620l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BADF0105-D4FF-4F9C-A45F-86A1D29F0AF0", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2620l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F4290ACF-3E73-4C09-9001-6A2AC31BF719", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2620l:-:*:*:*:*:*:*:*", matchCriteriaId: "2DD1E5ED-6A96-4C4A-87D4-692988479D01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2620ln_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "83DA643A-7804-4058-963B-D4F9EF48D368", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2620ln_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6DCA1285-F9C7-4F21-BA80-09EE9FD2BC61", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2620ln:-:*:*:*:*:*:*:*", matchCriteriaId: "F4B71980-6D7A-4B7B-9863-E85CC849ED90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorlte_200n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "67ABDDAF-CFA5-4185-B51C-8694FCF5ECAE", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigorlte_200n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "743D7983-774E-43A2-8D9E-FD7ECFF49208", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorlte_200n:-:*:*:*:*:*:*:*", matchCriteriaId: "00DC816E-1840-46F0-97C4-2BA00F5B9E64", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2915ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD7B44A-0421-471B-B777-2E1E4B6BC9E6", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2915ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05E71AD2-9353-48A0-8C5E-8CB0501E6CDF", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2915ac:-:*:*:*:*:*:*:*", matchCriteriaId: "D4318B8A-B94C-4207-9731-76D35DE85034", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A7C5B846-1076-498A-9B18-E3AB9CA71664", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2135ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D23AC0A0-B4D4-4405-BA85-D3CEDC99254C", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135ac:-:*:*:*:*:*:*:*", matchCriteriaId: "77D227B7-1121-4657-A621-AF0C0E766D90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D054B8D0-4B1E-4A04-A268-B9F5B2494E2A", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2135ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5FBDE83D-0DC2-4265-8C13-6D67B8E551FB", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135ax:-:*:*:*:*:*:*:*", matchCriteriaId: "9C37EA55-2526-4130-A57C-65950A5DFE57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135fvac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6678CEE9-D55E-4BEB-9684-9E6A1275D7DA", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2135fvac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2933150F-1ACD-4CBB-AF76-52B0EF30D314", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135fvac:-:*:*:*:*:*:*:*", matchCriteriaId: "625DE418-F506-4579-9C25-04DCD0FBC7ED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "626A6BF5-0EA2-4B69-9FF9-95963A7BDC2E", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2135vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C24391FB-6E97-485C-A09E-BDEB991554A8", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135vac:-:*:*:*:*:*:*:*", matchCriteriaId: "AAC1C9BE-31B5-47DD-BE09-0984EE29A957", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE309C25-7405-43CA-84D9-D026995A2C1B", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2866ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5A4727DF-9C6B-451F-B0D8-97771723DB79", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866ax:-:*:*:*:*:*:*:*", matchCriteriaId: "4F84DE3D-5FFD-4D6F-877A-A656287BDD7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F7BC57D4-992C-4A15-9E0B-4A92DAB0E8FF", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2866ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E09C70BB-0404-44D2-BCA5-1A1ACF96DC81", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866ac:-:*:*:*:*:*:*:*", matchCriteriaId: "1E82803D-B1DE-4541-913C-9128B313AC0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43F53028-CD42-4B00-8E47-6E04ECCD7DB9", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2866vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1726990C-A56E-4FA3-A274-0059796DBD5D", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866vac:-:*:*:*:*:*:*:*", matchCriteriaId: "5295B4DF-DE6C-4725-A22B-1186D5AB1325", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "37EF7FFF-27D8-493F-AC08-CA08D8C68B9B", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2866l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45D29250-F220-473C-B50D-CBEBCFF2FACC", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866l:-:*:*:*:*:*:*:*", matchCriteriaId: "315CA850-DA5C-46E8-90A1-457320A52AA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE4D0323-BBDE-4770-956C-343C44C0963B", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2866lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C7A64C0-9FEF-4B90-B938-80B23AE31172", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866lac:-:*:*:*:*:*:*:*", matchCriteriaId: "4504923B-C903-432D-B4D2-287BD0145F3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27BC97E5-6000-4BB0-990A-63CC9EB7B464", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2865ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "52037B3F-4CAA-4FF2-894F-D4C4F6F6EF34", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865ac:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D62A63-1E53-469C-B06C-DB6D05C7BE2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0ECC2E3B-9D0A-4599-B183-A8D13486A07E", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2865ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "662A9E6F-8D9E-4332-B3D2-5B364A7AEAB4", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865ax:-:*:*:*:*:*:*:*", matchCriteriaId: "699735FA-D33E-4F32-9584-B15938FB954E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA84174C-4735-41D7-AED6-4628A00506CD", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2865vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "451A5CEC-8FE1-49AB-B196-BA644E6C6052", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865vac:-:*:*:*:*:*:*:*", matchCriteriaId: "5C40B478-C28F-430A-A690-5EF9FFB4812E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "70A64A15-79FD-4C33-B0A2-6B5AB22E0A10", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2865l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0F60FE9-4C8C-4987-BA4D-A013565C0276", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865l:-:*:*:*:*:*:*:*", matchCriteriaId: "D4F462E8-6427-4E42-902B-07E8A9366423", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D930CFA9-2991-42D9-B34F-A33ECD1EB5A6", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2865lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9DCDD22F-A2FE-4A33-B577-E54434BCA715", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865lac:-:*:*:*:*:*:*:*", matchCriteriaId: "8B87FA44-4931-4DC4-89BE-72A591C7C355", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4000DB83-9F7E-4CF2-8BE4-620518BAE9B5", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2862n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2F06ECA-134C-4C77-B347-17FCACB23AF1", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862n:-:*:*:*:*:*:*:*", matchCriteriaId: "6DF8ECCA-405E-4D60-92ED-7F29F36A985F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04D0B7F9-91E5-4C11-9E60-BEEFFA94A04A", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2862ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "409F0831-39FC-406B-9F40-1A819D94E638", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862ac:-:*:*:*:*:*:*:*", matchCriteriaId: "CB77A5C7-026C-4172-970A-28E0D1A6F2D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "60C59833-B82E-411B-8538-EABFE4F14E3A", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2862vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45BFE7A0-2AFE-47E9-B383-E4A46DEF8418", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862vac:-:*:*:*:*:*:*:*", matchCriteriaId: "9CB96DDC-9961-47D4-81DF-4117A1B9C8F1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81CF6DA5-1686-46B9-910D-A94DD63F08DC", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2862b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE5F7C2B-C1BC-4E9A-99D0-F89F47EC597B", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862b:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7469CB-2CDE-4D2D-988A-13A482A59B28", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862bn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29C38D34-5902-469F-BA3D-2C4F8D8A3CC6", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2862bn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "153F7DFA-1B02-4DFB-8E1E-B651BD09F900", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862bn:-:*:*:*:*:*:*:*", matchCriteriaId: "60F97B4A-B323-4354-9CAC-60BCB02A44DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D42814F5-C33D-43DF-A1B9-A993F7D65881", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2862l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "36C33DCB-487D-4CB4-A4C0-2C4B510AF422", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862l:-:*:*:*:*:*:*:*", matchCriteriaId: "96B57263-4900-4F2E-AA5C-554B5163F489", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "650DC374-F23A-4FE1-9AA4-CC55DD5B88A0", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2862lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04F1AD94-F4F4-467A-A48F-AA4FD46D0191", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862lac:-:*:*:*:*:*:*:*", matchCriteriaId: "6A89BEEB-3F13-4C41-9133-788232DD229B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862ln_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05478558-3571-47B6-865A-51C382710FFA", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2862ln_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "78546B3A-97EB-4700-85EB-04CBED086A1C", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862ln:-:*:*:*:*:*:*:*", matchCriteriaId: "1D1ADB5D-D2CF-464B-9F1C-45F31A032953", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2832n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B44F218-4547-4011-B6DB-575CF501A872", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2832n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F85CD06-04CC-4A4E-A279-D110D966FAAF", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2832n:-:*:*:*:*:*:*:*", matchCriteriaId: "B22E55C6-F71F-4EA7-B679-895A012B7020", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2927ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1330489C-DFC4-4403-B656-E4CFFF0101E8", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2927ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "534F07F3-622A-4756-9C51-5403C12AA0D6", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2927ax:-:*:*:*:*:*:*:*", matchCriteriaId: "9C188F12-157F-4B8C-9A66-678B933E20F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2927ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A22DC676-E8C6-4422-942E-55EB3535DB68", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2927ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D40DA2AE-0AAF-4DEB-8A07-91D7D15F90A4", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2927ac:-:*:*:*:*:*:*:*", matchCriteriaId: "B846175B-4DC0-4268-AAF2-F266BFD7646E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2927vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F5DC1B3-BB98-4178-AD67-FE3D3481D2CD", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2927vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34386461-6500-4653-BF1B-5E5299D0E662", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2927vac:-:*:*:*:*:*:*:*", matchCriteriaId: "CD217200-9848-425F-B113-E624C027BC9C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2927f_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "150F7911-3FB3-429B-8974-7CD3D08A2109", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2927f_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23A09F00-EBA9-4D82-8CC6-99C36095EFB4", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2927f:-:*:*:*:*:*:*:*", matchCriteriaId: "BD5CF335-A5C0-46CC-A56C-0DBE15D01F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2927l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C2D036F0-BF3A-43D1-AAF0-1F88F51FD58D", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2927l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADE56943-366C-4D0E-8367-1E63C104F1D7", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2927l:-:*:*:*:*:*:*:*", matchCriteriaId: "EC9D70E8-080B-4F0E-BA3A-ACFE8F61475B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2927lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B635143B-5C87-4A26-8E99-80D1061586C2", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2927lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9217655B-2A6A-457B-A72A-240DABD72ED8", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2927lac:-:*:*:*:*:*:*:*", matchCriteriaId: "FB5ABFF7-F5DA-485F-976B-5C858B85E994", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2926_plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9AA22E6-35C2-4D7D-8521-315F1CF617E6", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2926_plus_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1513AAB7-E518-4E71-A2C8-D677677F7284", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2926_plus:-:*:*:*:*:*:*:*", matchCriteriaId: "AAC3E2A0-797D-4512-98A5-4ACE48EF4225", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "523910EF-FEFF-410B-8256-C7C0CE39649F", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "56E46B5A-D2B2-4ACA-B959-87B24CEAF5CA", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*", matchCriteriaId: "BD0C9A21-7CFE-452F-8505-834AB8579D9B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5E7F61CB-714A-4855-AB07-7281E05D7F72", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDE33FDF-EABE-4A61-97B1-B12F5A2D0F1A", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*", matchCriteriaId: "9FF86645-253A-4BA3-BA2A-2725575C390D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "26E65A66-EEC8-42B7-9787-F55339B70EBE", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E971141F-469A-499D-8F2A-20F8999240DC", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*", matchCriteriaId: "894E4DDA-D9BE-441D-B447-B1CE52959347", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58FF72CC-49AB-4D1F-A972-FC98DCDDCF2B", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C66404FA-6FCE-43B7-8F3C-177FB740C39E", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*", matchCriteriaId: "8E644893-0457-43A9-98AB-9DB37A5C415C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "334E4F8A-B695-46A1-8362-4B97FE5CD424", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B649FFA-6D64-42A1-80A9-9B590EA8F5E3", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*", matchCriteriaId: "7E33E647-5883-44FA-9915-34B89090D4E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F167623-480E-49F3-869C-4CFD897AF696", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0BB13341-7544-4459-B29F-D0F9BEE3001E", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor130:-:*:*:*:*:*:*:*", matchCriteriaId: "D7194998-2D96-43DE-85B6-35A8E474C695", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor167_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23AEEDBE-5556-4358-A955-C4F30D969642", versionEndExcluding: "3.9.6", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor167_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FA97EBDF-8908-462A-807A-CDBA15AD5952", versionEndExcluding: "4.2.4", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor167:-:*:*:*:*:*:*:*", matchCriteriaId: "71A66A89-CF31-4C63-9562-707C03117104", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their own account. Attackers are then able to create WCF and DrayDDNS licenses and synchronize them from the website.", }, ], id: "CVE-2023-33778", lastModified: "2025-01-09T18:15:26.790", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-06-01T04:15:10.313", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-798", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-798", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }