Vulnerabilites related to draytek - vigor2866_firmware
Vulnerability from fkie_nvd
Published
2024-10-03 19:15
Modified
2025-03-14 16:15
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.forescout.com/resources/draybreak-draytek-research/ | Mitigation, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://www.forescout.com/resources/draytek14-vulnerabilities | Broken Link |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "289E3E0B-6BA4-44B8-968A-AC374B15B631", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*", matchCriteriaId: "5D98663B-F2F5-4ADC-9FD5-75846890EEBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E55BCE-BBF0-454B-AE86-45B7298888B3", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*", matchCriteriaId: "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89461FD4-897D-44F1-8486-4BCCDE3772DD", versionEndExcluding: "4.4.5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*", matchCriteriaId: "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F87D851-15BC-4FC1-8AB7-D5C15B2B74F0", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*", matchCriteriaId: "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3D46DEC-06AB-489F-A0B5-10C31F80A8C1", versionEndExcluding: "4.4.5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*", matchCriteriaId: "871448C6-9183-4828-A287-05F5EC6A44F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B1826F9-0258-44DD-A471-113CF55CE563", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*", matchCriteriaId: "60657812-D3A8-4B1B-B7BE-F629991CB053", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A559F44-80F8-44B7-B70F-BA0B78C85283", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*", matchCriteriaId: "9EA9DF5D-6651-455A-9305-C42C0FF51F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4AB3320-27F8-4359-AEF8-6B1FDBA67111", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*", matchCriteriaId: "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08B9436B-B2FE-4644-BB06-B0537EC23A71", versionEndExcluding: "4.2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*", matchCriteriaId: "7E33E647-5883-44FA-9915-34B89090D4E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CDBC681E-CD03-49E5-BC3A-E4A7654975A3", versionEndExcluding: "4.3.2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ABDC93B5-DC0A-4AA4-A340-382F108AE80B", versionEndExcluding: "4.4.3.1", versionStartIncluding: "4.4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*", matchCriteriaId: "9FF86645-253A-4BA3-BA2A-2725575C390D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "59521C99-00BA-4503-823E-3FEA44F8DDA0", versionEndExcluding: "4.2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*", matchCriteriaId: "8E644893-0457-43A9-98AB-9DB37A5C415C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7", versionEndExcluding: "4.3.2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2602941C-255F-4289-9043-D396CC4B3192", versionEndExcluding: "4.4.3.1", versionStartIncluding: "4.4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*", matchCriteriaId: "894E4DDA-D9BE-441D-B447-B1CE52959347", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0549C870-BE10-441A-B07D-0701915E5A9E", versionEndExcluding: "4.3.2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D1A9825-E419-4740-996A-5928D207FCB6", versionEndExcluding: "4.4.3.1", versionStartIncluding: "4.4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*", matchCriteriaId: "BD0C9A21-7CFE-452F-8505-834AB8579D9B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84670562-F228-40A0-A38D-144EA62556D3", versionEndExcluding: "4.3.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*", matchCriteriaId: "282E5318-DAA8-4AA2-8E7D-4B8BD9162153", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1BD8E59-6C67-4C80-B25F-2C5814A8CF0E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*", matchCriteriaId: "4DBF2015-9315-44C8-A9FE-E86146F1958E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43265128-7E8E-4FE2-8488-AC5734A4AF70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*", matchCriteriaId: "1878E59C-FB40-435D-940A-8952C56FA88B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "52F71B18-89B5-42C7-B4B7-448844D6AFBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*", matchCriteriaId: "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A96F64C0-09DD-4553-AC5F-D722B8321B0D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*", matchCriteriaId: "B0978465-D59F-4C0A-A29F-5D7BE58BA557", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F2C4077B-C73F-4431-9103-C09960E203E1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*", matchCriteriaId: "266C73DE-BFC6-4F3E-B022-559B3971CA44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D081E5D-7A68-47A0-9EFE-1FC01DA2FF23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*", matchCriteriaId: "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C470B04-BD57-429B-80FC-328A7D2E35E5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*", matchCriteriaId: "7536B29C-2030-4331-B8BF-D269D86D199B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A688631-4B36-43CC-AEF8-D390081F01DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*", matchCriteriaId: "AF1B117B-603D-493C-A804-C18ED332A221", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E207BB52-29F8-4F2F-AA06-855B38E22958", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*", matchCriteriaId: "167336E2-AAA8-4424-AB07-2D7C9E1542B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD8437FD-65E2-4203-82B9-8FC32444204A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*", matchCriteriaId: "64955940-3998-4B76-92D1-D9F3FAB874B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.", }, { lang: "es", value: "Los dispositivos DrayTek Vigor3910 hasta 4.3.2.6 permiten XSS reflejado basado en DOM no autenticado.", }, ], id: "CVE-2024-41591", lastModified: "2025-03-14T16:15:34.730", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-10-03T19:15:04.560", references: [ { source: "cve@mitre.org", tags: [ "Mitigation", "Technical Description", "Third Party Advisory", ], url: "https://www.forescout.com/resources/draybreak-draytek-research/", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://www.forescout.com/resources/draytek14-vulnerabilities", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-29 06:15
Modified
2024-11-21 07:06
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B937B768-C53B-490F-B6A8-6B0A2CC6C05A", versionEndExcluding: "4.3.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*", matchCriteriaId: "894E4DDA-D9BE-441D-B447-B1CE52959347", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05E81F44-7E9B-406E-BB4F-A3B6E5B82316", versionEndExcluding: "4.3.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*", matchCriteriaId: "9FF86645-253A-4BA3-BA2A-2725575C390D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "13C4AF21-4B66-4A84-95FB-268F8B644B39", versionEndExcluding: "4.3.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*", matchCriteriaId: "BD0C9A21-7CFE-452F-8505-834AB8579D9B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2962p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "17AD71DA-3550-4C1F-B2D6-BE8521E8A86C", versionEndExcluding: "4.3.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2962p:-:*:*:*:*:*:*:*", matchCriteriaId: "85F44E9E-D6E6-44CB-A724-143EE7D74691", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2927_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "411D132F-5340-4EFF-AC02-CF4AAB9320F4", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2927:-:*:*:*:*:*:*:*", matchCriteriaId: "12460F51-25AB-4EA9-BC43-9CE8DA992D75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2927ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "070AFC36-DFCF-4511-9B72-BCC5E37F5A21", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2927ax:-:*:*:*:*:*:*:*", matchCriteriaId: "9C188F12-157F-4B8C-9A66-678B933E20F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2927ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63F379DA-0262-438F-9689-1D7824257A3A", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2927ac:-:*:*:*:*:*:*:*", matchCriteriaId: "B846175B-4DC0-4268-AAF2-F266BFD7646E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2927vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E695FA8-7DC9-483B-89BC-9A55AA69C500", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2927vac:-:*:*:*:*:*:*:*", matchCriteriaId: "CD217200-9848-425F-B113-E624C027BC9C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2927l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BAE83225-B91F-4A39-B3C9-35551B85A61C", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2927l:-:*:*:*:*:*:*:*", matchCriteriaId: "EC9D70E8-080B-4F0E-BA3A-ACFE8F61475B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2927lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A3AB34C6-A18C-425F-BC75-E4729FDBA462", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2927lac:-:*:*:*:*:*:*:*", matchCriteriaId: "FB5ABFF7-F5DA-485F-976B-5C858B85E994", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD74FED6-4AC0-4BB8-A32D-D849350968B0", versionEndExcluding: "4.3.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*", matchCriteriaId: "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2915ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE8DBA39-B28F-4901-860E-DE550A8FADA9", versionEndExcluding: "4.3.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2915ac:-:*:*:*:*:*:*:*", matchCriteriaId: "D4318B8A-B94C-4207-9731-76D35DE85034", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B3BC6B8-6B4C-4794-9394-479DF40C7F5A", versionEndExcluding: "3.9.7.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*", matchCriteriaId: "167336E2-AAA8-4424-AB07-2D7C9E1542B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2952p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF2DE13B-8494-4E98-B18A-2EA35D9A7650", versionEndExcluding: "3.9.7.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2952p:-:*:*:*:*:*:*:*", matchCriteriaId: "00F421E8-00BE-4451-A948-0D9862E442E3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0996CFA6-AA5C-4EFD-BD9E-1B0F23F03804", versionEndExcluding: "3.9.7.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*", matchCriteriaId: "64955940-3998-4B76-92D1-D9F3FAB874B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "76E680BF-6C82-4691-92DA-D4F50E4120BB", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*", matchCriteriaId: "AF1B117B-603D-493C-A804-C18ED332A221", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2926n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "66C1DB0D-3F7F-4EF5-9F23-10AC94B4A439", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2926n:-:*:*:*:*:*:*:*", matchCriteriaId: "C04C85F3-C187-4F82-87A9-ECAF197ABA30", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2926ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "957D95D2-3569-4CA0-9C05-279F32B66F44", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2926ac:-:*:*:*:*:*:*:*", matchCriteriaId: "65625316-A171-4C06-BFD0-C15A5ACF58A4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2926vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "82DF224C-6CE9-43FF-A882-0C3989018D00", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2926vac:-:*:*:*:*:*:*:*", matchCriteriaId: "059842A3-553B-43A0-A714-15C55DA85752", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2926l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3EE43891-7DB2-4C48-97B7-9F1F3051EA7D", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2926l:-:*:*:*:*:*:*:*", matchCriteriaId: "775E8858-B078-427D-BCB5-6D2B91D17A9D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2926ln_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1498B13D-10BA-49D2-8229-ADFCA5F44B20", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2926ln:-:*:*:*:*:*:*:*", matchCriteriaId: "9E30F255-ECE9-4E6F-9A22-2826E548C18B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2926lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4AB36D6A-658F-4A67-BC7F-045C44A3A322", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2926lac:-:*:*:*:*:*:*:*", matchCriteriaId: "D4953A99-AD72-4204-BAA9-D87164349E01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "943EEFDB-8958-41BA-84E7-BB28A218B245", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*", matchCriteriaId: "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E63AB9A5-C5AE-410E-AFA3-D32F69887D9E", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862n:-:*:*:*:*:*:*:*", matchCriteriaId: "6DF8ECCA-405E-4D60-92ED-7F29F36A985F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C4982251-F1DE-46CF-8995-F9B0CAD4D758", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862ac:-:*:*:*:*:*:*:*", matchCriteriaId: "CB77A5C7-026C-4172-970A-28E0D1A6F2D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0622A4B6-8839-4972-AC2A-1634F4241B9A", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862vac:-:*:*:*:*:*:*:*", matchCriteriaId: "9CB96DDC-9961-47D4-81DF-4117A1B9C8F1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "932AA150-DCEE-4313-92E3-B9AECBD6707B", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862b:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7469CB-2CDE-4D2D-988A-13A482A59B28", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862bn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A808791A-0863-44F6-8A13-8EFF8EB8C727", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862bn:-:*:*:*:*:*:*:*", matchCriteriaId: "60F97B4A-B323-4354-9CAC-60BCB02A44DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "137281B3-B1F6-4EC4-BB8B-8652533E2337", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862l:-:*:*:*:*:*:*:*", matchCriteriaId: "96B57263-4900-4F2E-AA5C-554B5163F489", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862ln_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AF2D8790-A2EE-4AE1-A2DC-CC54108DD263", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862ln:-:*:*:*:*:*:*:*", matchCriteriaId: "1D1ADB5D-D2CF-464B-9F1C-45F31A032953", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5972D23-8225-48C1-B9A5-F63531B548E1", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862lac:-:*:*:*:*:*:*:*", matchCriteriaId: "6A89BEEB-3F13-4C41-9133-788232DD229B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2620l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D38C4B52-81DF-40F2-8760-A25915126158", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2620l:-:*:*:*:*:*:*:*", matchCriteriaId: "2DD1E5ED-6A96-4C4A-87D4-692988479D01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2620ln_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0EDA1B3E-4B46-451B-9462-6BBFF5A16F28", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2620ln:-:*:*:*:*:*:*:*", matchCriteriaId: "F4B71980-6D7A-4B7B-9863-E85CC849ED90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorlte_200n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99B65954-02D6-4B76-88F2-5787B1A55729", versionEndExcluding: "3.9.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorlte_200n:-:*:*:*:*:*:*:*", matchCriteriaId: "00DC816E-1840-46F0-97C4-2BA00F5B9E64", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7646BDD0-992E-43D6-A5A9-AB5EA5E89FD3", versionEndExcluding: "3.9.6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*", matchCriteriaId: "1878E59C-FB40-435D-940A-8952C56FA88B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "55C8D979-63A8-419F-86CB-CFDBE8C19B2D", versionEndExcluding: "3.9.6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133n:-:*:*:*:*:*:*:*", matchCriteriaId: "A3F57E3F-8FFB-4A48-8BFD-5245D1EF2B80", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "03D383A7-C3A8-41E8-8731-04EF97F0CCE1", versionEndExcluding: "3.9.6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133ac:-:*:*:*:*:*:*:*", matchCriteriaId: "196CE92C-805E-4B6A-8EA8-7A49515FB617", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "297393CA-8855-46DD-A229-D46BA338A57C", versionEndExcluding: "3.9.6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133vac:-:*:*:*:*:*:*:*", matchCriteriaId: "4B81C46C-C837-4C10-AE7F-9E98A1A9E15C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133fvac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "56923C0D-7FBF-4110-8220-07D2FFEA30A6", versionEndExcluding: "3.9.6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133fvac:-:*:*:*:*:*:*:*", matchCriteriaId: "C1999AE2-3E6E-4D18-8FF1-D2A853B5975F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61F5E418-BA97-4F40-B3E6-AE256FE0EFDD", versionEndExcluding: "3.9.6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*", matchCriteriaId: "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2762n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C44183E5-3030-45F1-BE3E-EAA47312E6AB", versionEndExcluding: "3.9.6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2762n:-:*:*:*:*:*:*:*", matchCriteriaId: "47B532B5-386F-4C4C-8554-C73409124306", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2762ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E41A4B2-4C20-433F-9285-95909A0AEE3B", versionEndExcluding: "3.9.6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2762ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEA5BFB-5D2F-44B2-B995-0675243264CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2762vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "67A1CBE5-09BF-47A6-A6CA-5FF5CEF6670F", versionEndExcluding: "3.9.6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2762vac:-:*:*:*:*:*:*:*", matchCriteriaId: "1F97B07D-BC53-42A4-BBA3-D9CF5D474C9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "71348479-95FE-4E66-A068-74DA89C82F6F", versionEndExcluding: "4.2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*", matchCriteriaId: "8E644893-0457-43A9-98AB-9DB37A5C415C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EFE35F98-0304-415F-B8AF-93C17F8DA6CB", versionEndExcluding: "4.2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*", matchCriteriaId: "7E33E647-5883-44FA-9915-34B89090D4E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0394013-3F27-4ACA-81C1-17399631DF84", versionEndExcluding: "4.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*", matchCriteriaId: "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1355BCF1-FB23-45B9-9201-EA25B2F33920", versionEndExcluding: "4.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135ac:-:*:*:*:*:*:*:*", matchCriteriaId: "77D227B7-1121-4657-A621-AF0C0E766D90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EBDB62F3-082E-4763-BAA0-69B78DA16B5C", versionEndExcluding: "4.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135vac:-:*:*:*:*:*:*:*", matchCriteriaId: "AAC1C9BE-31B5-47DD-BE09-0984EE29A957", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135fvac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3327574-E0DB-4CB4-8BDD-C03F09D0974A", versionEndExcluding: "4.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135fvac:-:*:*:*:*:*:*:*", matchCriteriaId: "625DE418-F506-4579-9C25-04DCD0FBC7ED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D431985C-61B3-4124-A363-3124D1AAF5CC", versionEndExcluding: "4.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*", matchCriteriaId: "60657812-D3A8-4B1B-B7BE-F629991CB053", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EEB6111E-2063-4CCF-8E50-4E851264FB16", versionEndExcluding: "4.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765ac:-:*:*:*:*:*:*:*", matchCriteriaId: "F1B9AF22-089B-41FB-8E30-BED3E4CE32ED", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F63944F3-F3D4-4240-819F-15694FB71C1D", versionEndExcluding: "4.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765vac:-:*:*:*:*:*:*:*", matchCriteriaId: "7A582D29-85D9-4FC3-B88A-42B947B9D18C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C34C4A04-A6D0-48F9-BDB0-26847CC0EBAE", versionEndExcluding: "4.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*", matchCriteriaId: "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA939906-239F-40DC-B452-8FF64C9907C7", versionEndExcluding: "4.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766ac:-:*:*:*:*:*:*:*", matchCriteriaId: "787134FE-0549-427D-A9CE-32B1C58BC954", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5E78CBAA-2D96-43C8-84A1-AF6CB42C8131", versionEndExcluding: "4.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766vac:-:*:*:*:*:*:*:*", matchCriteriaId: "228DC583-B6BC-4948-A167-53C49B6D04B2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0928E933-244C-44E7-A7B3-C6009DD12EC2", versionEndExcluding: "3.9.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*", matchCriteriaId: "B0978465-D59F-4C0A-A29F-5D7BE58BA557", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "98F02BBA-DADE-48C9-8802-6C170714A3DF", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*", matchCriteriaId: "871448C6-9183-4828-A287-05F5EC6A44F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "57E1D55A-45D7-4427-8BF4-197853948E37", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865ax:-:*:*:*:*:*:*:*", matchCriteriaId: "699735FA-D33E-4F32-9584-B15938FB954E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AF8F3B5B-F074-4AB1-8F2C-D4680A843781", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865ac:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D62A63-1E53-469C-B06C-DB6D05C7BE2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63B4931B-4B4E-4F30-9A53-657746F3AEEF", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865vac:-:*:*:*:*:*:*:*", matchCriteriaId: "5C40B478-C28F-430A-A690-5EF9FFB4812E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6AA4AF52-76AE-4356-94DD-2033D888ED32", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865l:-:*:*:*:*:*:*:*", matchCriteriaId: "D4F462E8-6427-4E42-902B-07E8A9366423", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "14488AE9-7FDB-466C-A7BF-3DF43F4A9FE6", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865lac:-:*:*:*:*:*:*:*", matchCriteriaId: "8B87FA44-4931-4DC4-89BE-72A591C7C355", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05E1101F-BFCE-479F-9E3C-932D56E42C9A", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*", matchCriteriaId: "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD98A315-7484-442B-A411-CDFCDDDCC625", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866ax:-:*:*:*:*:*:*:*", matchCriteriaId: "4F84DE3D-5FFD-4D6F-877A-A656287BDD7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7E30E7C6-C4F5-46C4-87F7-E64AD8CA1DAB", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866ac:-:*:*:*:*:*:*:*", matchCriteriaId: "1E82803D-B1DE-4541-913C-9128B313AC0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866vac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "51C16598-52C3-4302-B2EF-4714007904D5", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866vac:-:*:*:*:*:*:*:*", matchCriteriaId: "5295B4DF-DE6C-4725-A22B-1186D5AB1325", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F93460D-E72A-4F55-8471-476BD86B83BD", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866l:-:*:*:*:*:*:*:*", matchCriteriaId: "315CA850-DA5C-46E8-90A1-457320A52AA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866lac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "962FC4B2-E7AE-4F4F-B6F5-7E71C9EDFFF6", versionEndExcluding: "4.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866lac:-:*:*:*:*:*:*:*", matchCriteriaId: "4504923B-C903-432D-B4D2-287BD0145F3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.", }, { lang: "es", value: "Se ha detectado un problema en determinados routers DrayTek Vigor versiones anteriores a julio de 2022, como el Vigor3910 versiones anteriores a 4.3.1.1. El archivo /cgi-bin/wlogin.cgi presenta un desbordamiento de búfer por medio del nombre de usuario o contraseña al campo aa o ab", }, ], id: "CVE-2022-32548", lastModified: "2024-11-21T07:06:36.290", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-29T06:15:09.423", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-10-03 19:15
Modified
2025-03-18 16:15
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.forescout.com/resources/draybreak-draytek-research/ | Mitigation, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://www.forescout.com/resources/draytek14-vulnerabilities | Broken Link |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7", versionEndExcluding: "4.3.2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2602941C-255F-4289-9043-D396CC4B3192", versionEndExcluding: "4.4.3.1", versionStartIncluding: "4.4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*", matchCriteriaId: "894E4DDA-D9BE-441D-B447-B1CE52959347", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84670562-F228-40A0-A38D-144EA62556D3", versionEndExcluding: "4.3.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*", matchCriteriaId: "282E5318-DAA8-4AA2-8E7D-4B8BD9162153", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0549C870-BE10-441A-B07D-0701915E5A9E", versionEndExcluding: "4.3.2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D1A9825-E419-4740-996A-5928D207FCB6", versionEndExcluding: "4.4.3.1", versionStartIncluding: "4.4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*", matchCriteriaId: "BD0C9A21-7CFE-452F-8505-834AB8579D9B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "59521C99-00BA-4503-823E-3FEA44F8DDA0", versionEndExcluding: "4.2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*", matchCriteriaId: "8E644893-0457-43A9-98AB-9DB37A5C415C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CDBC681E-CD03-49E5-BC3A-E4A7654975A3", versionEndExcluding: "4.3.2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ABDC93B5-DC0A-4AA4-A340-382F108AE80B", versionEndExcluding: "4.4.3.1", versionStartIncluding: "4.4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*", matchCriteriaId: "9FF86645-253A-4BA3-BA2A-2725575C390D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08B9436B-B2FE-4644-BB06-B0537EC23A71", versionEndExcluding: "4.2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*", matchCriteriaId: "7E33E647-5883-44FA-9915-34B89090D4E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4AB3320-27F8-4359-AEF8-6B1FDBA67111", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*", matchCriteriaId: "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A559F44-80F8-44B7-B70F-BA0B78C85283", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*", matchCriteriaId: "9EA9DF5D-6651-455A-9305-C42C0FF51F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B1826F9-0258-44DD-A471-113CF55CE563", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*", matchCriteriaId: "60657812-D3A8-4B1B-B7BE-F629991CB053", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3D46DEC-06AB-489F-A0B5-10C31F80A8C1", versionEndExcluding: "4.4.5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*", matchCriteriaId: "871448C6-9183-4828-A287-05F5EC6A44F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F87D851-15BC-4FC1-8AB7-D5C15B2B74F0", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*", matchCriteriaId: "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89461FD4-897D-44F1-8486-4BCCDE3772DD", versionEndExcluding: "4.4.5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*", matchCriteriaId: "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E55BCE-BBF0-454B-AE86-45B7298888B3", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*", matchCriteriaId: "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "289E3E0B-6BA4-44B8-968A-AC374B15B631", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*", matchCriteriaId: "5D98663B-F2F5-4ADC-9FD5-75846890EEBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1BD8E59-6C67-4C80-B25F-2C5814A8CF0E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*", matchCriteriaId: "4DBF2015-9315-44C8-A9FE-E86146F1958E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43265128-7E8E-4FE2-8488-AC5734A4AF70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*", matchCriteriaId: "1878E59C-FB40-435D-940A-8952C56FA88B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "52F71B18-89B5-42C7-B4B7-448844D6AFBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*", matchCriteriaId: "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A96F64C0-09DD-4553-AC5F-D722B8321B0D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*", matchCriteriaId: "B0978465-D59F-4C0A-A29F-5D7BE58BA557", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F2C4077B-C73F-4431-9103-C09960E203E1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*", matchCriteriaId: "266C73DE-BFC6-4F3E-B022-559B3971CA44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D081E5D-7A68-47A0-9EFE-1FC01DA2FF23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*", matchCriteriaId: "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C470B04-BD57-429B-80FC-328A7D2E35E5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*", matchCriteriaId: "7536B29C-2030-4331-B8BF-D269D86D199B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A688631-4B36-43CC-AEF8-D390081F01DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*", matchCriteriaId: "AF1B117B-603D-493C-A804-C18ED332A221", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E207BB52-29F8-4F2F-AA06-855B38E22958", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*", matchCriteriaId: "167336E2-AAA8-4424-AB07-2D7C9E1542B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD8437FD-65E2-4203-82B9-8FC32444204A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*", matchCriteriaId: "64955940-3998-4B76-92D1-D9F3FAB874B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.", }, { lang: "es", value: "El XSS almacenado, por parte de usuarios autenticados, es causado por una mala desinfección del mensaje de saludo de la página de inicio de sesión en los dispositivos DrayTek Vigor310 hasta 4.3.2.6.", }, ], id: "CVE-2024-41587", lastModified: "2025-03-18T16:15:22.733", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-10-03T19:15:04.310", references: [ { source: "cve@mitre.org", tags: [ "Mitigation", "Technical Description", "Third Party Advisory", ], url: "https://www.forescout.com/resources/draybreak-draytek-research/", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://www.forescout.com/resources/draytek14-vulnerabilities", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-10-03 19:15
Modified
2025-03-13 19:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.forescout.com/resources/draybreak-draytek-research/ | Mitigation, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://www.forescout.com/resources/draytek14-vulnerabilities | Broken Link |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84670562-F228-40A0-A38D-144EA62556D3", versionEndExcluding: "4.3.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*", matchCriteriaId: "282E5318-DAA8-4AA2-8E7D-4B8BD9162153", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0549C870-BE10-441A-B07D-0701915E5A9E", versionEndExcluding: "4.3.2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D1A9825-E419-4740-996A-5928D207FCB6", versionEndExcluding: "4.4.3.1", versionStartIncluding: "4.4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*", matchCriteriaId: "BD0C9A21-7CFE-452F-8505-834AB8579D9B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7", versionEndExcluding: "4.3.2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2602941C-255F-4289-9043-D396CC4B3192", versionEndExcluding: "4.4.3.1", versionStartIncluding: "4.4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*", matchCriteriaId: "894E4DDA-D9BE-441D-B447-B1CE52959347", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "59521C99-00BA-4503-823E-3FEA44F8DDA0", versionEndExcluding: "4.2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*", matchCriteriaId: "8E644893-0457-43A9-98AB-9DB37A5C415C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CDBC681E-CD03-49E5-BC3A-E4A7654975A3", versionEndExcluding: "4.3.2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ABDC93B5-DC0A-4AA4-A340-382F108AE80B", versionEndExcluding: "4.4.3.1", versionStartIncluding: "4.4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*", matchCriteriaId: "9FF86645-253A-4BA3-BA2A-2725575C390D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08B9436B-B2FE-4644-BB06-B0537EC23A71", versionEndExcluding: "4.2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*", matchCriteriaId: "7E33E647-5883-44FA-9915-34B89090D4E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4AB3320-27F8-4359-AEF8-6B1FDBA67111", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*", matchCriteriaId: "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A559F44-80F8-44B7-B70F-BA0B78C85283", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*", matchCriteriaId: "9EA9DF5D-6651-455A-9305-C42C0FF51F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B1826F9-0258-44DD-A471-113CF55CE563", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*", matchCriteriaId: "60657812-D3A8-4B1B-B7BE-F629991CB053", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3D46DEC-06AB-489F-A0B5-10C31F80A8C1", versionEndExcluding: "4.4.5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*", matchCriteriaId: "871448C6-9183-4828-A287-05F5EC6A44F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F87D851-15BC-4FC1-8AB7-D5C15B2B74F0", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*", matchCriteriaId: "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89461FD4-897D-44F1-8486-4BCCDE3772DD", versionEndExcluding: "4.4.5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*", matchCriteriaId: "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E55BCE-BBF0-454B-AE86-45B7298888B3", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*", matchCriteriaId: "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "289E3E0B-6BA4-44B8-968A-AC374B15B631", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*", matchCriteriaId: "5D98663B-F2F5-4ADC-9FD5-75846890EEBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1BD8E59-6C67-4C80-B25F-2C5814A8CF0E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*", matchCriteriaId: "4DBF2015-9315-44C8-A9FE-E86146F1958E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43265128-7E8E-4FE2-8488-AC5734A4AF70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*", matchCriteriaId: "1878E59C-FB40-435D-940A-8952C56FA88B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "52F71B18-89B5-42C7-B4B7-448844D6AFBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*", matchCriteriaId: "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A96F64C0-09DD-4553-AC5F-D722B8321B0D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*", matchCriteriaId: "B0978465-D59F-4C0A-A29F-5D7BE58BA557", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F2C4077B-C73F-4431-9103-C09960E203E1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*", matchCriteriaId: "266C73DE-BFC6-4F3E-B022-559B3971CA44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D081E5D-7A68-47A0-9EFE-1FC01DA2FF23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*", matchCriteriaId: "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C470B04-BD57-429B-80FC-328A7D2E35E5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*", matchCriteriaId: "7536B29C-2030-4331-B8BF-D269D86D199B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A688631-4B36-43CC-AEF8-D390081F01DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*", matchCriteriaId: "AF1B117B-603D-493C-A804-C18ED332A221", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E207BB52-29F8-4F2F-AA06-855B38E22958", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*", matchCriteriaId: "167336E2-AAA8-4424-AB07-2D7C9E1542B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD8437FD-65E2-4203-82B9-8FC32444204A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*", matchCriteriaId: "64955940-3998-4B76-92D1-D9F3FAB874B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow.", }, { lang: "es", value: "Los dispositivos DrayTek Vigor310 hasta 4.3.2.6 permiten a un atacante remoto ejecutar código arbitrario a través de la función ft_payload_dns(), porque se produce una operación de extensión de signo de byte para el argumento de longitud de una llamada _memcpy, lo que lleva a un desbordamiento de búfer basado en el montón.", }, ], id: "CVE-2024-41593", lastModified: "2025-03-13T19:15:47.260", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-10-03T19:15:04.740", references: [ { source: "cve@mitre.org", tags: [ "Mitigation", "Technical Description", "Third Party Advisory", ], url: "https://www.forescout.com/resources/draybreak-draytek-research/", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://www.forescout.com/resources/draytek14-vulnerabilities", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-10-03 19:15
Modified
2025-03-19 16:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.forescout.com/resources/draybreak-draytek-research/ | Mitigation, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://www.forescout.com/resources/draytek14-vulnerabilities | Broken Link |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "289E3E0B-6BA4-44B8-968A-AC374B15B631", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*", matchCriteriaId: "5D98663B-F2F5-4ADC-9FD5-75846890EEBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E55BCE-BBF0-454B-AE86-45B7298888B3", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*", matchCriteriaId: "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89461FD4-897D-44F1-8486-4BCCDE3772DD", versionEndExcluding: "4.4.5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*", matchCriteriaId: "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F87D851-15BC-4FC1-8AB7-D5C15B2B74F0", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*", matchCriteriaId: "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3D46DEC-06AB-489F-A0B5-10C31F80A8C1", versionEndExcluding: "4.4.5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*", matchCriteriaId: "871448C6-9183-4828-A287-05F5EC6A44F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B1826F9-0258-44DD-A471-113CF55CE563", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*", matchCriteriaId: "60657812-D3A8-4B1B-B7BE-F629991CB053", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A559F44-80F8-44B7-B70F-BA0B78C85283", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*", matchCriteriaId: "9EA9DF5D-6651-455A-9305-C42C0FF51F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4AB3320-27F8-4359-AEF8-6B1FDBA67111", versionEndExcluding: "4.4.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*", matchCriteriaId: "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08B9436B-B2FE-4644-BB06-B0537EC23A71", versionEndExcluding: "4.2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*", matchCriteriaId: "7E33E647-5883-44FA-9915-34B89090D4E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CDBC681E-CD03-49E5-BC3A-E4A7654975A3", versionEndExcluding: "4.3.2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ABDC93B5-DC0A-4AA4-A340-382F108AE80B", versionEndExcluding: "4.4.3.1", versionStartIncluding: "4.4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*", matchCriteriaId: "9FF86645-253A-4BA3-BA2A-2725575C390D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "59521C99-00BA-4503-823E-3FEA44F8DDA0", versionEndExcluding: "4.2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*", matchCriteriaId: "8E644893-0457-43A9-98AB-9DB37A5C415C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7", versionEndExcluding: "4.3.2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2602941C-255F-4289-9043-D396CC4B3192", versionEndExcluding: "4.4.3.1", versionStartIncluding: "4.4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*", matchCriteriaId: "894E4DDA-D9BE-441D-B447-B1CE52959347", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0549C870-BE10-441A-B07D-0701915E5A9E", versionEndExcluding: "4.3.2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D1A9825-E419-4740-996A-5928D207FCB6", versionEndExcluding: "4.4.3.1", versionStartIncluding: "4.4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*", matchCriteriaId: "BD0C9A21-7CFE-452F-8505-834AB8579D9B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84670562-F228-40A0-A38D-144EA62556D3", versionEndExcluding: "4.3.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*", matchCriteriaId: "282E5318-DAA8-4AA2-8E7D-4B8BD9162153", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1BD8E59-6C67-4C80-B25F-2C5814A8CF0E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*", matchCriteriaId: "4DBF2015-9315-44C8-A9FE-E86146F1958E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43265128-7E8E-4FE2-8488-AC5734A4AF70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*", matchCriteriaId: "1878E59C-FB40-435D-940A-8952C56FA88B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "52F71B18-89B5-42C7-B4B7-448844D6AFBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*", matchCriteriaId: "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A96F64C0-09DD-4553-AC5F-D722B8321B0D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*", matchCriteriaId: "B0978465-D59F-4C0A-A29F-5D7BE58BA557", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F2C4077B-C73F-4431-9103-C09960E203E1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*", matchCriteriaId: "266C73DE-BFC6-4F3E-B022-559B3971CA44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D081E5D-7A68-47A0-9EFE-1FC01DA2FF23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*", matchCriteriaId: "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C470B04-BD57-429B-80FC-328A7D2E35E5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*", matchCriteriaId: "7536B29C-2030-4331-B8BF-D269D86D199B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A688631-4B36-43CC-AEF8-D390081F01DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*", matchCriteriaId: "AF1B117B-603D-493C-A804-C18ED332A221", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E207BB52-29F8-4F2F-AA06-855B38E22958", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*", matchCriteriaId: "167336E2-AAA8-4424-AB07-2D7C9E1542B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD8437FD-65E2-4203-82B9-8FC32444204A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*", matchCriteriaId: "64955940-3998-4B76-92D1-D9F3FAB874B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL.", }, { lang: "es", value: "Un problema en los dispositivos DrayTek Vigor310 hasta la versión 4.3.2.6 permite a un atacante obtener información confidencial porque el servidor httpd de la interfaz de administración de Vigor utiliza una cadena estática para inicializar el PRNG de OpenSSL.", }, ], id: "CVE-2024-41594", lastModified: "2025-03-19T16:15:26.387", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-10-03T19:15:04.800", references: [ { source: "cve@mitre.org", tags: [ "Mitigation", "Technical Description", "Third Party Advisory", ], url: "https://www.forescout.com/resources/draybreak-draytek-research/", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://www.forescout.com/resources/draytek14-vulnerabilities", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-326", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-326", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
cve-2024-41593
Vulnerability from cvelistv5
Published
2024-10-03 00:00
Modified
2025-03-13 18:11
Severity ?
EPSS score ?
Summary
DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow.
References
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-41593", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-13T18:07:09.851527Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-13T18:11:33.093Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-03T18:29:21.947Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.forescout.com/resources/draytek14-vulnerabilities", }, { url: "https://www.forescout.com/resources/draybreak-draytek-research/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-41593", datePublished: "2024-10-03T00:00:00.000Z", dateReserved: "2024-07-18T00:00:00.000Z", dateUpdated: "2025-03-13T18:11:33.093Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32548
Vulnerability from cvelistv5
Published
2022-08-29 05:38
Modified
2024-08-03 07:46
Severity ?
EPSS score ?
Summary
An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:46:43.481Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-29T05:38:35", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers", }, { tags: [ "x_refsource_MISC", ], url: "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-32548", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers", refsource: "MISC", url: "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers", }, { name: "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html", refsource: "MISC", url: "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-32548", datePublished: "2022-08-29T05:38:35", dateReserved: "2022-06-08T00:00:00", dateUpdated: "2024-08-03T07:46:43.481Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-41594
Vulnerability from cvelistv5
Published
2024-10-03 00:00
Modified
2025-03-19 15:38
Severity ?
EPSS score ?
Summary
An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL.
References
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-41594", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-19T15:22:51.555504Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-326", description: "CWE-326 Inadequate Encryption Strength", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-19T15:38:27.511Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-03T18:29:39.340Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.forescout.com/resources/draytek14-vulnerabilities", }, { url: "https://www.forescout.com/resources/draybreak-draytek-research/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-41594", datePublished: "2024-10-03T00:00:00.000Z", dateReserved: "2024-07-18T00:00:00.000Z", dateUpdated: "2025-03-19T15:38:27.511Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-41591
Vulnerability from cvelistv5
Published
2024-10-03 00:00
Modified
2025-03-14 15:36
Severity ?
EPSS score ?
Summary
DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.
References
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-41591", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-03T19:14:46.529762Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-14T15:36:23.805Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-03T18:26:22.678Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.forescout.com/resources/draytek14-vulnerabilities", }, { url: "https://www.forescout.com/resources/draybreak-draytek-research/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-41591", datePublished: "2024-10-03T00:00:00.000Z", dateReserved: "2024-07-18T00:00:00.000Z", dateUpdated: "2025-03-14T15:36:23.805Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-41587
Vulnerability from cvelistv5
Published
2024-10-03 00:00
Modified
2025-03-18 15:15
Severity ?
EPSS score ?
Summary
Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.
References
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-41587", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-03T20:24:15.931214Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-18T15:15:51.880Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-03T18:25:02.832Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.forescout.com/resources/draytek14-vulnerabilities", }, { url: "https://www.forescout.com/resources/draybreak-draytek-research/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-41587", datePublished: "2024-10-03T00:00:00.000Z", dateReserved: "2024-07-18T00:00:00.000Z", dateUpdated: "2025-03-18T15:15:51.880Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }