Vulnerabilites related to draytek - vigor2927_firmware
Vulnerability from fkie_nvd
Published
2025-02-27 21:15
Modified
2025-05-28 16:23
Severity ?
Summary
Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832 3.9.9 and earlier and Vigor165/166 4.2.7 and earlier and Vigor2135/2765/2766 4.4.5.1 and earlier and Vigor2865/2866/2927 4.4.5.3 and earlier and Vigor2962/3910 4.3.2.8/4.4.3.1 and earlier and Vigor3912 4.3.6.1 and earlier allows a remote attacker to execute arbitrary code via the CGI parser's handling of the "Content-Length" header of HTTP POST requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://draytek.com | Product | |
| cve@mitre.org | https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5485DD5C-12A3-4289-8196-43FFB3DF8B06",
"versionEndExcluding": "3.9.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D98663B-F2F5-4ADC-9FD5-75846890EEBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80EC4363-A351-4117-96CE-1F8B4748FCAC",
"versionEndExcluding": "3.9.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBF2015-9315-44C8-A9FE-E86146F1958E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "519DD534-4B4A-48A4-9C5D-FB197DC5C777",
"versionEndExcluding": "3.9.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*",
"matchCriteriaId": "266C73DE-BFC6-4F3E-B022-559B3971CA44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFCA64D1-9731-4990-AD61-F673D41716BE",
"versionEndExcluding": "3.9.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7536B29C-2030-4331-B8BF-D269D86D199B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2821747D-FDE2-47FA-B352-70F6FBE0473D",
"versionEndExcluding": "3.9.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD3195E-BA40-40B3-AF13-64AFF4890EE4",
"versionEndExcluding": "3.9.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1B117B-603D-493C-A804-C18ED332A221",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F53804E7-59F0-4328-A732-9A14EB076E87",
"versionEndExcluding": "3.9.9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1878E59C-FB40-435D-940A-8952C56FA88B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42C4DE6D-EE26-4445-8F57-0DCEC311A6A2",
"versionEndExcluding": "3.9.9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC78800A-438E-4B67-B3A5-F18D10F5D9B5",
"versionEndExcluding": "3.9.9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0978465-D59F-4C0A-A29F-5D7BE58BA557",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CBCFE34-3027-4DBB-9214-4CC891865F25",
"versionEndExcluding": "4.4.5.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "162BD269-E656-4A91-9E8C-A5E26A646B2D",
"versionEndExcluding": "4.4.5.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60657812-D3A8-4B1B-B7BE-F629991CB053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9695AA4E-EC4A-4F02-BFCD-5308CBE19510",
"versionEndExcluding": "4.4.5.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ECD7087-34D5-4841-97D1-B9F361327016",
"versionEndExcluding": "4.4.5.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA9DF5D-6651-455A-9305-C42C0FF51F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45D6CD9B-5252-4541-9745-3F4E4D0C5C82",
"versionEndExcluding": "4.4.5.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "871448C6-9183-4828-A287-05F5EC6A44F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F40A5ACD-BC60-4C97-BF7D-6B609A1D99E6",
"versionEndExcluding": "4.4.5.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2927_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74715D2C-FDF6-4882-A57A-327014FCC1CB",
"versionEndExcluding": "4.4.5.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2927:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12460F51-25AB-4EA9-BC43-9CE8DA992D75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "093FCEE3-FEAA-4DA5-AD20-206D3822C63F",
"versionEndExcluding": "4.3.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94AD7401-FE5B-4E5F-9469-DEDB101C6990",
"versionEndExcluding": "4.4.3.2",
"versionStartIncluding": "4.4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0C9A21-7CFE-452F-8505-834AB8579D9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "529BDB13-03F3-4EF4-A15C-4EF2467DF5AE",
"versionEndExcluding": "4.3.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F18DFF3-93B4-462C-908E-99C243EFFA2F",
"versionEndExcluding": "4.4.3.2",
"versionStartIncluding": "4.4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*",
"matchCriteriaId": "894E4DDA-D9BE-441D-B447-B1CE52959347",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD4EA0F-391C-4A2E-B5CD-0D0689C36F20",
"versionEndExcluding": "4.4.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282E5318-DAA8-4AA2-8E7D-4B8BD9162153",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A876E867-03E8-470E-A830-C0C5FBCCB257",
"versionEndExcluding": "4.4.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B75C80CA-401A-4228-98F9-D27E529DC32D",
"versionEndExcluding": "4.4.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF86645-253A-4BA3-BA2A-2725575C390D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F39C5A58-E6F1-4BA5-B321-7EA78F8DC7A6",
"versionEndExcluding": "3.9.8.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*",
"matchCriteriaId": "167336E2-AAA8-4424-AB07-2D7C9E1542B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85DA10A6-CA24-4D03-B4DC-CC9A33D7E22D",
"versionEndExcluding": "3.9.8.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64955940-3998-4B76-92D1-D9F3FAB874B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832 3.9.9 and earlier and Vigor165/166 4.2.7 and earlier and Vigor2135/2765/2766 4.4.5.1 and earlier and Vigor2865/2866/2927 4.4.5.3 and earlier and Vigor2962/3910 4.3.2.8/4.4.3.1 and earlier and Vigor3912 4.3.6.1 and earlier allows a remote attacker to execute arbitrary code via the CGI parser\u0027s handling of the \"Content-Length\" header of HTTP POST requests."
},
{
"lang": "es",
"value": "Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832 3.9.9 and earlier and Vigor165/166 4.2.7 and earlier and Vigor2135/2765/2766 4.4.5.1 and earlier and Vigor2865/2866/2927 4.4.5.3 and earlier and Vigor2962/3910 4.3.2.8/4.4.3.1 and earlier and Vigor3912 4.3.6.1 and earlier allows a remote attacker to execute arbitrary code via the CGI parser\u0027s handling of the \"Content-Length\" header of HTTP POST requests."
}
],
"id": "CVE-2024-51139",
"lastModified": "2025-05-28T16:23:26.310",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-02-27T21:15:37.123",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "http://draytek.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-29 06:15
Modified
2024-11-21 07:06
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B937B768-C53B-490F-B6A8-6B0A2CC6C05A",
"versionEndExcluding": "4.3.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*",
"matchCriteriaId": "894E4DDA-D9BE-441D-B447-B1CE52959347",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05E81F44-7E9B-406E-BB4F-A3B6E5B82316",
"versionEndExcluding": "4.3.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF86645-253A-4BA3-BA2A-2725575C390D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13C4AF21-4B66-4A84-95FB-268F8B644B39",
"versionEndExcluding": "4.3.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0C9A21-7CFE-452F-8505-834AB8579D9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2962p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17AD71DA-3550-4C1F-B2D6-BE8521E8A86C",
"versionEndExcluding": "4.3.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2962p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85F44E9E-D6E6-44CB-A724-143EE7D74691",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2927_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "411D132F-5340-4EFF-AC02-CF4AAB9320F4",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2927:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12460F51-25AB-4EA9-BC43-9CE8DA992D75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2927ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "070AFC36-DFCF-4511-9B72-BCC5E37F5A21",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2927ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C188F12-157F-4B8C-9A66-678B933E20F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2927ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63F379DA-0262-438F-9689-1D7824257A3A",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2927ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B846175B-4DC0-4268-AAF2-F266BFD7646E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2927vac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E695FA8-7DC9-483B-89BC-9A55AA69C500",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2927vac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD217200-9848-425F-B113-E624C027BC9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2927l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE83225-B91F-4A39-B3C9-35551B85A61C",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2927l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9D70E8-080B-4F0E-BA3A-ACFE8F61475B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2927lac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AB34C6-A18C-425F-BC75-E4729FDBA462",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2927lac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5ABFF7-F5DA-485F-976B-5C858B85E994",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD74FED6-4AC0-4BB8-A32D-D849350968B0",
"versionEndExcluding": "4.3.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2915ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE8DBA39-B28F-4901-860E-DE550A8FADA9",
"versionEndExcluding": "4.3.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2915ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4318B8A-B94C-4207-9731-76D35DE85034",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3BC6B8-6B4C-4794-9394-479DF40C7F5A",
"versionEndExcluding": "3.9.7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*",
"matchCriteriaId": "167336E2-AAA8-4424-AB07-2D7C9E1542B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2952p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2DE13B-8494-4E98-B18A-2EA35D9A7650",
"versionEndExcluding": "3.9.7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2952p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00F421E8-00BE-4451-A948-0D9862E442E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0996CFA6-AA5C-4EFD-BD9E-1B0F23F03804",
"versionEndExcluding": "3.9.7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64955940-3998-4B76-92D1-D9F3FAB874B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76E680BF-6C82-4691-92DA-D4F50E4120BB",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1B117B-603D-493C-A804-C18ED332A221",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66C1DB0D-3F7F-4EF5-9F23-10AC94B4A439",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C04C85F3-C187-4F82-87A9-ECAF197ABA30",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "957D95D2-3569-4CA0-9C05-279F32B66F44",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65625316-A171-4C06-BFD0-C15A5ACF58A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926vac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82DF224C-6CE9-43FF-A882-0C3989018D00",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926vac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "059842A3-553B-43A0-A714-15C55DA85752",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE43891-7DB2-4C48-97B7-9F1F3051EA7D",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775E8858-B078-427D-BCB5-6D2B91D17A9D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926ln_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1498B13D-10BA-49D2-8229-ADFCA5F44B20",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926ln:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E30F255-ECE9-4E6F-9A22-2826E548C18B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926lac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB36D6A-658F-4A67-BC7F-045C44A3A322",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926lac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4953A99-AD72-4204-BAA9-D87164349E01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "943EEFDB-8958-41BA-84E7-BB28A218B245",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E63AB9A5-C5AE-410E-AFA3-D32F69887D9E",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DF8ECCA-405E-4D60-92ED-7F29F36A985F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4982251-F1DE-46CF-8995-F9B0CAD4D758",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB77A5C7-026C-4172-970A-28E0D1A6F2D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862vac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0622A4B6-8839-4972-AC2A-1634F4241B9A",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862vac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB96DDC-9961-47D4-81DF-4117A1B9C8F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "932AA150-DCEE-4313-92E3-B9AECBD6707B",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7469CB-2CDE-4D2D-988A-13A482A59B28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862bn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A808791A-0863-44F6-8A13-8EFF8EB8C727",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862bn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60F97B4A-B323-4354-9CAC-60BCB02A44DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "137281B3-B1F6-4EC4-BB8B-8652533E2337",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96B57263-4900-4F2E-AA5C-554B5163F489",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862ln_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF2D8790-A2EE-4AE1-A2DC-CC54108DD263",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862ln:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D1ADB5D-D2CF-464B-9F1C-45F31A032953",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862lac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5972D23-8225-48C1-B9A5-F63531B548E1",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862lac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A89BEEB-3F13-4C41-9133-788232DD229B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2620l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D38C4B52-81DF-40F2-8760-A25915126158",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2620l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD1E5ED-6A96-4C4A-87D4-692988479D01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2620ln_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EDA1B3E-4B46-451B-9462-6BBFF5A16F28",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2620ln:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4B71980-6D7A-4B7B-9863-E85CC849ED90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigorlte_200n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99B65954-02D6-4B76-88F2-5787B1A55729",
"versionEndExcluding": "3.9.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigorlte_200n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00DC816E-1840-46F0-97C4-2BA00F5B9E64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7646BDD0-992E-43D6-A5A9-AB5EA5E89FD3",
"versionEndExcluding": "3.9.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1878E59C-FB40-435D-940A-8952C56FA88B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2133n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55C8D979-63A8-419F-86CB-CFDBE8C19B2D",
"versionEndExcluding": "3.9.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2133n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F57E3F-8FFB-4A48-8BFD-5245D1EF2B80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2133ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03D383A7-C3A8-41E8-8731-04EF97F0CCE1",
"versionEndExcluding": "3.9.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2133ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "196CE92C-805E-4B6A-8EA8-7A49515FB617",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2133vac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "297393CA-8855-46DD-A229-D46BA338A57C",
"versionEndExcluding": "3.9.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2133vac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B81C46C-C837-4C10-AE7F-9E98A1A9E15C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2133fvac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56923C0D-7FBF-4110-8220-07D2FFEA30A6",
"versionEndExcluding": "3.9.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2133fvac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1999AE2-3E6E-4D18-8FF1-D2A853B5975F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61F5E418-BA97-4F40-B3E6-AE256FE0EFDD",
"versionEndExcluding": "3.9.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2762n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C44183E5-3030-45F1-BE3E-EAA47312E6AB",
"versionEndExcluding": "3.9.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2762n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47B532B5-386F-4C4C-8554-C73409124306",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2762ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E41A4B2-4C20-433F-9285-95909A0AEE3B",
"versionEndExcluding": "3.9.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2762ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA5BFB-5D2F-44B2-B995-0675243264CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2762vac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67A1CBE5-09BF-47A6-A6CA-5FF5CEF6670F",
"versionEndExcluding": "3.9.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2762vac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F97B07D-BC53-42A4-BBA3-D9CF5D474C9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71348479-95FE-4E66-A068-74DA89C82F6F",
"versionEndExcluding": "4.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E644893-0457-43A9-98AB-9DB37A5C415C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE35F98-0304-415F-B8AF-93C17F8DA6CB",
"versionEndExcluding": "4.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E33E647-5883-44FA-9915-34B89090D4E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0394013-3F27-4ACA-81C1-17399631DF84",
"versionEndExcluding": "4.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2135ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1355BCF1-FB23-45B9-9201-EA25B2F33920",
"versionEndExcluding": "4.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2135ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77D227B7-1121-4657-A621-AF0C0E766D90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2135vac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBDB62F3-082E-4763-BAA0-69B78DA16B5C",
"versionEndExcluding": "4.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2135vac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC1C9BE-31B5-47DD-BE09-0984EE29A957",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2135fvac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3327574-E0DB-4CB4-8BDD-C03F09D0974A",
"versionEndExcluding": "4.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2135fvac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "625DE418-F506-4579-9C25-04DCD0FBC7ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D431985C-61B3-4124-A363-3124D1AAF5CC",
"versionEndExcluding": "4.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60657812-D3A8-4B1B-B7BE-F629991CB053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2765ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB6111E-2063-4CCF-8E50-4E851264FB16",
"versionEndExcluding": "4.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2765ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1B9AF22-089B-41FB-8E30-BED3E4CE32ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2765vac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F63944F3-F3D4-4240-819F-15694FB71C1D",
"versionEndExcluding": "4.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2765vac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A582D29-85D9-4FC3-B88A-42B947B9D18C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C34C4A04-A6D0-48F9-BDB0-26847CC0EBAE",
"versionEndExcluding": "4.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2766ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA939906-239F-40DC-B452-8FF64C9907C7",
"versionEndExcluding": "4.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2766ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "787134FE-0549-427D-A9CE-32B1C58BC954",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2766vac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E78CBAA-2D96-43C8-84A1-AF6CB42C8131",
"versionEndExcluding": "4.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2766vac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "228DC583-B6BC-4948-A167-53C49B6D04B2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E933-244C-44E7-A7B3-C6009DD12EC2",
"versionEndExcluding": "3.9.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0978465-D59F-4C0A-A29F-5D7BE58BA557",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98F02BBA-DADE-48C9-8802-6C170714A3DF",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "871448C6-9183-4828-A287-05F5EC6A44F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2865ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57E1D55A-45D7-4427-8BF4-197853948E37",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2865ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "699735FA-D33E-4F32-9584-B15938FB954E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2865ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8F3B5B-F074-4AB1-8F2C-D4680A843781",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2865ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D62A63-1E53-469C-B06C-DB6D05C7BE2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2865vac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63B4931B-4B4E-4F30-9A53-657746F3AEEF",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2865vac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C40B478-C28F-430A-A690-5EF9FFB4812E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2865l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA4AF52-76AE-4356-94DD-2033D888ED32",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2865l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F462E8-6427-4E42-902B-07E8A9366423",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2865lac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14488AE9-7FDB-466C-A7BF-3DF43F4A9FE6",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2865lac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B87FA44-4931-4DC4-89BE-72A591C7C355",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05E1101F-BFCE-479F-9E3C-932D56E42C9A",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2866ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD98A315-7484-442B-A411-CDFCDDDCC625",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2866ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F84DE3D-5FFD-4D6F-877A-A656287BDD7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2866ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E30E7C6-C4F5-46C4-87F7-E64AD8CA1DAB",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2866ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E82803D-B1DE-4541-913C-9128B313AC0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2866vac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51C16598-52C3-4302-B2EF-4714007904D5",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2866vac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5295B4DF-DE6C-4725-A22B-1186D5AB1325",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2866l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F93460D-E72A-4F55-8471-476BD86B83BD",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2866l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "315CA850-DA5C-46E8-90A1-457320A52AA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2866lac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "962FC4B2-E7AE-4F4F-B6F5-7E71C9EDFFF6",
"versionEndExcluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2866lac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4504923B-C903-432D-B4D2-287BD0145F3B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field."
},
{
"lang": "es",
"value": "Se ha detectado un problema en determinados routers DrayTek Vigor versiones anteriores a julio de 2022, como el Vigor3910 versiones anteriores a 4.3.1.1. El archivo /cgi-bin/wlogin.cgi presenta un desbordamiento de b\u00fafer por medio del nombre de usuario o contrase\u00f1a al campo aa o ab"
}
],
"id": "CVE-2022-32548",
"lastModified": "2024-11-21T07:06:36.290",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-29T06:15:09.423",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-02-27 21:15
Modified
2025-06-03 14:06
Severity ?
Summary
Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to not utilize certificate verification, allowing attackers to upload crafted APPE modules from non-official servers, leading to arbitrary code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://draytek.com | Product | |
| cve@mitre.org | https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "013EEA0E-3D6A-43AE-A504-8439462C4F20",
"versionEndExcluding": "4.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E33E647-5883-44FA-9915-34B89090D4E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41CEC37D-608B-4A8C-B8F4-803FF9A8179D",
"versionEndExcluding": "3.9.8.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D98663B-F2F5-4ADC-9FD5-75846890EEBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF86F14-D8AA-4F7A-978E-C390BECD2A56",
"versionEndExcluding": "3.9.8.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBF2015-9315-44C8-A9FE-E86146F1958E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B13C853-B725-4F3F-B919-1EDCF1F1FA6B",
"versionEndExcluding": "3.9.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*",
"matchCriteriaId": "266C73DE-BFC6-4F3E-B022-559B3971CA44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9512D67-5D05-4707-9C01-FEF27BC7D8CD",
"versionEndExcluding": "3.9.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7536B29C-2030-4331-B8BF-D269D86D199B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "825055C3-9212-4406-865A-5CCB27C4E3FE",
"versionEndExcluding": "3.9.9.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5E7BCA-A181-4689-80AD-5B0BF4A62D45",
"versionEndExcluding": "3.9.9.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1B117B-603D-493C-A804-C18ED332A221",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF9194C-9EC2-4B08-8264-F58E1C649473",
"versionEndExcluding": "3.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1878E59C-FB40-435D-940A-8952C56FA88B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68C3D0EB-6019-43A2-BE4E-17E30985BCF0",
"versionEndExcluding": "3.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07D71EA7-2F97-4F7D-BDB8-246710EEEE34",
"versionEndExcluding": "3.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0978465-D59F-4C0A-A29F-5D7BE58BA557",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD4B17C-2E8A-45C9-8475-C5FD40C86052",
"versionEndExcluding": "4.4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "815465FB-9BDB-4A16-9E8A-A73B928A7999",
"versionEndExcluding": "4.4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60657812-D3A8-4B1B-B7BE-F629991CB053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73E966A8-E862-4118-B178-93C297765B0B",
"versionEndExcluding": "4.4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31F174D4-CDE6-401D-9040-34B862BDE1F9",
"versionEndExcluding": "4.4.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "871448C6-9183-4828-A287-05F5EC6A44F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B2CD77-C72F-4C26-B082-EA2671A59116",
"versionEndExcluding": "4.4.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2927_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570A3205-4E89-47E5-9FAE-2D4FFBD5A667",
"versionEndExcluding": "4.4.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2927:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12460F51-25AB-4EA9-BC43-9CE8DA992D75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D8A49BF-8174-42D6-B7C2-A461F0B3DC57",
"versionEndExcluding": "4.3.2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0C9A21-7CFE-452F-8505-834AB8579D9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20C6D6BC-9B8D-4108-80F8-4647013B7843",
"versionEndExcluding": "4.3.2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*",
"matchCriteriaId": "894E4DDA-D9BE-441D-B447-B1CE52959347",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7ECBEFC-3444-4732-80C5-24E4B40B7413",
"versionEndExcluding": "4.3.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282E5318-DAA8-4AA2-8E7D-4B8BD9162153",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120469A7-CC8F-46B9-8EAD-D272485DBBAC",
"versionEndExcluding": "4.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E644893-0457-43A9-98AB-9DB37A5C415C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to not utilize certificate verification, allowing attackers to upload crafted APPE modules from non-official servers, leading to arbitrary code execution."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que los dispositivos Draytek Vigor 165/166 anteriores a la v4.2.6, Vigor 2620/LTE200 anteriores a la v3.9.8.8, Vigor 2860/2925 anteriores a la v3.9.7, Vigor 2862/2926 anteriores a la v3.9.9.4, Vigor 2133/2762/2832 anteriores a la v3.9.8, Vigor 2135/2765/2766 anteriores a la v4.4.5.1, Vigor 2865/2866/2927 anteriores a la v4.4.5.3, Vigor 2962/3910 anteriores a la v4.3.2.7, Vigor 3912 anteriores a la v4.3.5.2 y Vigor 2925 hasta la v3.9.6 no utilizaban la verificaci\u00f3n de certificados, lo que permit\u00eda a los atacantes cargar m\u00f3dulos APPE manipulados desde servidores no oficiales, lo que lleva a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2024-41334",
"lastModified": "2025-06-03T14:06:43.900",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-02-27T21:15:36.483",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "http://draytek.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-02-27 21:15
Modified
2025-06-03 13:52
Severity ?
Summary
An issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload a crafted kernel module, allowing for arbitrary code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://draytek.com | Product | |
| cve@mitre.org | https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59521C99-00BA-4503-823E-3FEA44F8DDA0",
"versionEndExcluding": "4.2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E644893-0457-43A9-98AB-9DB37A5C415C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08B9436B-B2FE-4644-BB06-B0537EC23A71",
"versionEndExcluding": "4.2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E33E647-5883-44FA-9915-34B89090D4E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7DD492-4294-484D-A4D2-BCCCA152D57F",
"versionEndExcluding": "3.9.8.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D98663B-F2F5-4ADC-9FD5-75846890EEBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7845410-6E90-4E92-8029-964A7F77EC57",
"versionEndExcluding": "3.9.8.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBF2015-9315-44C8-A9FE-E86146F1958E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02588C38-E98C-4553-93C0-535A0C129783",
"versionEndExcluding": "3.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*",
"matchCriteriaId": "266C73DE-BFC6-4F3E-B022-559B3971CA44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43C713BB-02A0-4CD4-A27F-943D5D538444",
"versionEndExcluding": "3.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7536B29C-2030-4331-B8BF-D269D86D199B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "765C62A0-BE3E-4661-8FD6-E9566B7C3C28",
"versionEndExcluding": "3.9.9.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36FE9F0A-223F-42DC-BCB6-4A7A24A65130",
"versionEndExcluding": "3.9.9.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1B117B-603D-493C-A804-C18ED332A221",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0813DB7-4B52-40E1-9D5C-DBF9FA74EFD0",
"versionEndExcluding": "3.9.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1878E59C-FB40-435D-940A-8952C56FA88B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B69D1EC-7C33-4367-80BA-4008E8C9A4BE",
"versionEndExcluding": "3.9.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D46E5FF5-6521-4A10-8CC5-34518A38ECFA",
"versionEndExcluding": "3.9.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0978465-D59F-4C0A-A29F-5D7BE58BA557",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD4B17C-2E8A-45C9-8475-C5FD40C86052",
"versionEndExcluding": "4.4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "815465FB-9BDB-4A16-9E8A-A73B928A7999",
"versionEndExcluding": "4.4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60657812-D3A8-4B1B-B7BE-F629991CB053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73E966A8-E862-4118-B178-93C297765B0B",
"versionEndExcluding": "4.4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31F174D4-CDE6-401D-9040-34B862BDE1F9",
"versionEndExcluding": "4.4.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "871448C6-9183-4828-A287-05F5EC6A44F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B2CD77-C72F-4C26-B082-EA2671A59116",
"versionEndExcluding": "4.4.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2927_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570A3205-4E89-47E5-9FAE-2D4FFBD5A667",
"versionEndExcluding": "4.4.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2927:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12460F51-25AB-4EA9-BC43-9CE8DA992D75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0549C870-BE10-441A-B07D-0701915E5A9E",
"versionEndExcluding": "4.3.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:4.4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69EE76E5-A910-46D0-AF34-28D28B77E024",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0C9A21-7CFE-452F-8505-834AB8579D9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7",
"versionEndExcluding": "4.3.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E857D42C-1967-46FE-94F6-45B3008ED4DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*",
"matchCriteriaId": "894E4DDA-D9BE-441D-B447-B1CE52959347",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84670562-F228-40A0-A38D-144EA62556D3",
"versionEndExcluding": "4.3.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282E5318-DAA8-4AA2-8E7D-4B8BD9162153",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload a crafted kernel module, allowing for arbitrary code execution."
},
{
"lang": "es",
"value": "Un problema en el endpoint CGI utilizado para cargar configuraciones en dispositivos Draytek Vigor 165/166 anterior a v4.2.6, Vigor 2620/LTE200 anterior a v3.9.8.8, Vigor 2860/2925 anterior a v3.9.7, Vigor 2862/2926 anterior a v3.9.9.4, Vigor 2133/2762/2832 anterior a v3.9.8, Vigor 2135/2765/2766 anterior a v4.4.5.1, Vigor 2865/2866/2927 anterior a v4.4.5.3, Vigor 2962/3910 anterior a v4.3.2.7, Vigor 3912 anterior a v4.3.5.2 y Vigor 2925 hasta v3.9.6 permite a los atacantes cargar un m\u00f3dulo de kernel manipulado espec\u00edficamente, lo que permite la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2024-41339",
"lastModified": "2025-06-03T13:52:39.957",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-02-27T21:15:36.837",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "http://draytek.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-02-27 21:15
Modified
2025-05-28 16:41
Severity ?
Summary
Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and earlier; Vigor2133/2762/2832 3.9.9 and earlier; Vigor2135/2765/2766 4.4.5. and earlier; Vigor2865/2866/2927 4.4.5.3 and earlier; Vigor2962 4.3.2.8 and earlier; Vigor3912 4.3.6.1 and earlier; Vigor3910 4.4.3.1 and earlier a stack-based buffer overflow vulnerability has been identified in the URL parsing functionality of the TR069 STUN server. This flaw occurs due to insufficient bounds checking on the amount of URL parameters, allowing an attacker to exploit the overflow by sending a maliciously crafted request. Consequently, a remote attacker can execute arbitrary code with elevated privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://draytek.com | Product | |
| cve@mitre.org | https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD4EA0F-391C-4A2E-B5CD-0D0689C36F20",
"versionEndExcluding": "4.4.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282E5318-DAA8-4AA2-8E7D-4B8BD9162153",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5485DD5C-12A3-4289-8196-43FFB3DF8B06",
"versionEndExcluding": "3.9.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D98663B-F2F5-4ADC-9FD5-75846890EEBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80EC4363-A351-4117-96CE-1F8B4748FCAC",
"versionEndExcluding": "3.9.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBF2015-9315-44C8-A9FE-E86146F1958E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "519DD534-4B4A-48A4-9C5D-FB197DC5C777",
"versionEndExcluding": "3.9.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*",
"matchCriteriaId": "266C73DE-BFC6-4F3E-B022-559B3971CA44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFCA64D1-9731-4990-AD61-F673D41716BE",
"versionEndExcluding": "3.9.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7536B29C-2030-4331-B8BF-D269D86D199B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2821747D-FDE2-47FA-B352-70F6FBE0473D",
"versionEndExcluding": "3.9.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD3195E-BA40-40B3-AF13-64AFF4890EE4",
"versionEndExcluding": "3.9.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1B117B-603D-493C-A804-C18ED332A221",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F53804E7-59F0-4328-A732-9A14EB076E87",
"versionEndExcluding": "3.9.9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1878E59C-FB40-435D-940A-8952C56FA88B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42C4DE6D-EE26-4445-8F57-0DCEC311A6A2",
"versionEndExcluding": "3.9.9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC78800A-438E-4B67-B3A5-F18D10F5D9B5",
"versionEndExcluding": "3.9.9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0978465-D59F-4C0A-A29F-5D7BE58BA557",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CBCFE34-3027-4DBB-9214-4CC891865F25",
"versionEndExcluding": "4.4.5.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "162BD269-E656-4A91-9E8C-A5E26A646B2D",
"versionEndExcluding": "4.4.5.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60657812-D3A8-4B1B-B7BE-F629991CB053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9695AA4E-EC4A-4F02-BFCD-5308CBE19510",
"versionEndExcluding": "4.4.5.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ECD7087-34D5-4841-97D1-B9F361327016",
"versionEndExcluding": "4.4.5.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA9DF5D-6651-455A-9305-C42C0FF51F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45D6CD9B-5252-4541-9745-3F4E4D0C5C82",
"versionEndExcluding": "4.4.5.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "871448C6-9183-4828-A287-05F5EC6A44F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F40A5ACD-BC60-4C97-BF7D-6B609A1D99E6",
"versionEndExcluding": "4.4.5.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2927_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74715D2C-FDF6-4882-A57A-327014FCC1CB",
"versionEndExcluding": "4.4.5.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2927:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12460F51-25AB-4EA9-BC43-9CE8DA992D75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "093FCEE3-FEAA-4DA5-AD20-206D3822C63F",
"versionEndExcluding": "4.3.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94AD7401-FE5B-4E5F-9469-DEDB101C6990",
"versionEndExcluding": "4.4.3.2",
"versionStartIncluding": "4.4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0C9A21-7CFE-452F-8505-834AB8579D9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "529BDB13-03F3-4EF4-A15C-4EF2467DF5AE",
"versionEndExcluding": "4.3.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F18DFF3-93B4-462C-908E-99C243EFFA2F",
"versionEndExcluding": "4.4.3.2",
"versionStartIncluding": "4.4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*",
"matchCriteriaId": "894E4DDA-D9BE-441D-B447-B1CE52959347",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A876E867-03E8-470E-A830-C0C5FBCCB257",
"versionEndExcluding": "4.4.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B75C80CA-401A-4228-98F9-D27E529DC32D",
"versionEndExcluding": "4.4.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF86645-253A-4BA3-BA2A-2725575C390D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F39C5A58-E6F1-4BA5-B321-7EA78F8DC7A6",
"versionEndExcluding": "3.9.8.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*",
"matchCriteriaId": "167336E2-AAA8-4424-AB07-2D7C9E1542B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85DA10A6-CA24-4D03-B4DC-CC9A33D7E22D",
"versionEndExcluding": "3.9.8.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64955940-3998-4B76-92D1-D9F3FAB874B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and earlier; Vigor2133/2762/2832 3.9.9 and earlier; Vigor2135/2765/2766 4.4.5. and earlier; Vigor2865/2866/2927 4.4.5.3 and earlier; Vigor2962 4.3.2.8 and earlier; Vigor3912 4.3.6.1 and earlier; Vigor3910 4.4.3.1 and earlier a stack-based buffer overflow vulnerability has been identified in the URL parsing functionality of the TR069 STUN server. This flaw occurs due to insufficient bounds checking on the amount of URL parameters, allowing an attacker to exploit the overflow by sending a maliciously crafted request. Consequently, a remote attacker can execute arbitrary code with elevated privileges."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad de desbordamiento de b\u00fafer basada en pila en la funcionalidad de an\u00e1lisis de URL del servidor STUN TR069. Vigor165/166 4.2.7 y anteriores; Vigor2620/LTE200 3.9.8.9 y anteriores; Vigor2860/2925 3.9.8 y anteriores; Vigor2862/2926 3.9.9.5 y anteriores; Vigor2133/2762/2832 3.9.9 y anteriores; Vigor2135/2765/2766 4.4.5. y anteriores; Vigor2865/2866/2927 4.4.5.3 y anteriores; Vigor2962 4.3.2.8 y anteriores; Vigor3912 4.3.6.1 y anteriores; Vigor3910 4.4.3.1 y anteriores se ha identificado una vulnerabilidad de desbordamiento de b\u00fafer basada en pila en la funcionalidad de an\u00e1lisis de URL del servidor STUN TR069. Esta falla se produce debido a una verificaci\u00f3n insuficiente de los l\u00edmites de la cantidad de par\u00e1metros de URL, lo que permite a un atacante aprovechar el desbordamiento mediante el env\u00edo de una solicitud manipulada con fines malintencionados. En consecuencia, un atacante remoto puede ejecutar c\u00f3digo arbitrario con privilegios elevados."
}
],
"id": "CVE-2024-51138",
"lastModified": "2025-05-28T16:41:26.460",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-02-27T21:15:37.023",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "http://draytek.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-02-27 21:15
Modified
2025-06-03 13:52
Severity ?
Summary
An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload crafted APP Enforcement modules, leading to arbitrary code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://draytek.com | Product | |
| cve@mitre.org | https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59521C99-00BA-4503-823E-3FEA44F8DDA0",
"versionEndExcluding": "4.2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E644893-0457-43A9-98AB-9DB37A5C415C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08B9436B-B2FE-4644-BB06-B0537EC23A71",
"versionEndExcluding": "4.2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E33E647-5883-44FA-9915-34B89090D4E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7DD492-4294-484D-A4D2-BCCCA152D57F",
"versionEndExcluding": "3.9.8.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D98663B-F2F5-4ADC-9FD5-75846890EEBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7845410-6E90-4E92-8029-964A7F77EC57",
"versionEndExcluding": "3.9.8.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBF2015-9315-44C8-A9FE-E86146F1958E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02588C38-E98C-4553-93C0-535A0C129783",
"versionEndExcluding": "3.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*",
"matchCriteriaId": "266C73DE-BFC6-4F3E-B022-559B3971CA44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43C713BB-02A0-4CD4-A27F-943D5D538444",
"versionEndExcluding": "3.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7536B29C-2030-4331-B8BF-D269D86D199B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "765C62A0-BE3E-4661-8FD6-E9566B7C3C28",
"versionEndExcluding": "3.9.9.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36FE9F0A-223F-42DC-BCB6-4A7A24A65130",
"versionEndExcluding": "3.9.9.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1B117B-603D-493C-A804-C18ED332A221",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0813DB7-4B52-40E1-9D5C-DBF9FA74EFD0",
"versionEndExcluding": "3.9.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1878E59C-FB40-435D-940A-8952C56FA88B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B69D1EC-7C33-4367-80BA-4008E8C9A4BE",
"versionEndExcluding": "3.9.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D46E5FF5-6521-4A10-8CC5-34518A38ECFA",
"versionEndExcluding": "3.9.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0978465-D59F-4C0A-A29F-5D7BE58BA557",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD4B17C-2E8A-45C9-8475-C5FD40C86052",
"versionEndExcluding": "4.4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "815465FB-9BDB-4A16-9E8A-A73B928A7999",
"versionEndExcluding": "4.4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60657812-D3A8-4B1B-B7BE-F629991CB053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73E966A8-E862-4118-B178-93C297765B0B",
"versionEndExcluding": "4.4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31F174D4-CDE6-401D-9040-34B862BDE1F9",
"versionEndExcluding": "4.4.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "871448C6-9183-4828-A287-05F5EC6A44F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B2CD77-C72F-4C26-B082-EA2671A59116",
"versionEndExcluding": "4.4.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2927_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570A3205-4E89-47E5-9FAE-2D4FFBD5A667",
"versionEndExcluding": "4.4.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2927:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12460F51-25AB-4EA9-BC43-9CE8DA992D75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0549C870-BE10-441A-B07D-0701915E5A9E",
"versionEndExcluding": "4.3.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:4.4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69EE76E5-A910-46D0-AF34-28D28B77E024",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0C9A21-7CFE-452F-8505-834AB8579D9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7",
"versionEndExcluding": "4.3.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E857D42C-1967-46FE-94F6-45B3008ED4DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*",
"matchCriteriaId": "894E4DDA-D9BE-441D-B447-B1CE52959347",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84670562-F228-40A0-A38D-144EA62556D3",
"versionEndExcluding": "4.3.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282E5318-DAA8-4AA2-8E7D-4B8BD9162153",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload crafted APP Enforcement modules, leading to arbitrary code execution."
},
{
"lang": "es",
"value": "Un problema en los dispositivos Draytek Vigor 165/166 anteriores a la v4.2.6, Vigor 2620/LTE200 anteriores a la v3.9.8.8, Vigor 2860/2925 anteriores a la v3.9.7, Vigor 2862/2926 anteriores a la v3.9.9.4, Vigor 2133/2762/2832 anteriores a la v3.9.8, Vigor 2135/2765/2766 anteriores a la v4.4.5.1, Vigor 2865/2866/2927 anteriores a la v4.4.5.3, Vigor 2962/3910 anteriores a la v4.3.2.7, Vigor 3912 anteriores a la v4.3.5.2 y Vigor 2925 hasta la v3.9.6 permite a los atacantes cargar aplicaciones manipuladas por ellos. M\u00f3dulos de cumplimiento que conducen a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2024-41340",
"lastModified": "2025-06-03T13:52:23.300",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-02-27T21:15:36.923",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "http://draytek.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-02-27 21:15
Modified
2025-06-03 14:06
Severity ?
Summary
A NULL pointer dereference in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to cause a Denial of Service (DoS) via a crafted DHCP request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://draytek.com | Product | |
| cve@mitre.org | https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120469A7-CC8F-46B9-8EAD-D272485DBBAC",
"versionEndExcluding": "4.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E644893-0457-43A9-98AB-9DB37A5C415C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "013EEA0E-3D6A-43AE-A504-8439462C4F20",
"versionEndExcluding": "4.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E33E647-5883-44FA-9915-34B89090D4E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41CEC37D-608B-4A8C-B8F4-803FF9A8179D",
"versionEndExcluding": "3.9.8.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D98663B-F2F5-4ADC-9FD5-75846890EEBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF86F14-D8AA-4F7A-978E-C390BECD2A56",
"versionEndExcluding": "3.9.8.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBF2015-9315-44C8-A9FE-E86146F1958E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B13C853-B725-4F3F-B919-1EDCF1F1FA6B",
"versionEndExcluding": "3.9.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*",
"matchCriteriaId": "266C73DE-BFC6-4F3E-B022-559B3971CA44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9512D67-5D05-4707-9C01-FEF27BC7D8CD",
"versionEndExcluding": "3.9.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7536B29C-2030-4331-B8BF-D269D86D199B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "825055C3-9212-4406-865A-5CCB27C4E3FE",
"versionEndExcluding": "3.9.9.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5E7BCA-A181-4689-80AD-5B0BF4A62D45",
"versionEndExcluding": "3.9.9.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1B117B-603D-493C-A804-C18ED332A221",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF9194C-9EC2-4B08-8264-F58E1C649473",
"versionEndExcluding": "3.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1878E59C-FB40-435D-940A-8952C56FA88B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68C3D0EB-6019-43A2-BE4E-17E30985BCF0",
"versionEndExcluding": "3.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07D71EA7-2F97-4F7D-BDB8-246710EEEE34",
"versionEndExcluding": "3.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0978465-D59F-4C0A-A29F-5D7BE58BA557",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD4B17C-2E8A-45C9-8475-C5FD40C86052",
"versionEndExcluding": "4.4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "815465FB-9BDB-4A16-9E8A-A73B928A7999",
"versionEndExcluding": "4.4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60657812-D3A8-4B1B-B7BE-F629991CB053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73E966A8-E862-4118-B178-93C297765B0B",
"versionEndExcluding": "4.4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31F174D4-CDE6-401D-9040-34B862BDE1F9",
"versionEndExcluding": "4.4.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "871448C6-9183-4828-A287-05F5EC6A44F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B2CD77-C72F-4C26-B082-EA2671A59116",
"versionEndExcluding": "4.4.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2927_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570A3205-4E89-47E5-9FAE-2D4FFBD5A667",
"versionEndExcluding": "4.4.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2927:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12460F51-25AB-4EA9-BC43-9CE8DA992D75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D8A49BF-8174-42D6-B7C2-A461F0B3DC57",
"versionEndExcluding": "4.3.2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0C9A21-7CFE-452F-8505-834AB8579D9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20C6D6BC-9B8D-4108-80F8-4647013B7843",
"versionEndExcluding": "4.3.2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*",
"matchCriteriaId": "894E4DDA-D9BE-441D-B447-B1CE52959347",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7ECBEFC-3444-4732-80C5-24E4B40B7413",
"versionEndExcluding": "4.3.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282E5318-DAA8-4AA2-8E7D-4B8BD9162153",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to cause a Denial of Service (DoS) via a crafted DHCP request."
},
{
"lang": "es",
"value": "Una desreferencia de puntero NULL en los dispositivos Draytek Vigor 165/166 anteriores a v4.2.6, Vigor 2620/LTE200 anteriores a v3.9.8.8, Vigor 2860/2925 anteriores a v3.9.7, Vigor 2862/2926 anteriores a v3.9.9.4, Vigor 2133/2762/2832 anteriores a v3.9.8, Vigor 2135/2765/2766 anteriores a v4.4.5.1, Vigor 2865/2866/2927 anteriores a v4.4.5.3, Vigor 2962/3910 anteriores a v4.3.2.7, Vigor 3912 anteriores a v4.3.5.2 y Vigor 2925 hasta v3.9.6 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de una solicitud DHCP manipulada espec\u00edficamente."
}
],
"id": "CVE-2024-41338",
"lastModified": "2025-06-03T14:06:40.670",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-02-27T21:15:36.753",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "http://draytek.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
CVE-2022-32548 (GCVE-0-2022-32548)
Vulnerability from cvelistv5
Published
2022-08-29 05:38
Modified
2024-08-03 07:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:43.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-29T05:38:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-32548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers",
"refsource": "MISC",
"url": "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers"
},
{
"name": "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html",
"refsource": "MISC",
"url": "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-32548",
"datePublished": "2022-08-29T05:38:35",
"dateReserved": "2022-06-08T00:00:00",
"dateUpdated": "2024-08-03T07:46:43.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51138 (GCVE-0-2024-51138)
Vulnerability from cvelistv5
Published
2025-02-27 00:00
Modified
2025-02-28 21:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and earlier; Vigor2133/2762/2832 3.9.9 and earlier; Vigor2135/2765/2766 4.4.5. and earlier; Vigor2865/2866/2927 4.4.5.3 and earlier; Vigor2962 4.3.2.8 and earlier; Vigor3912 4.3.6.1 and earlier; Vigor3910 4.4.3.1 and earlier a stack-based buffer overflow vulnerability has been identified in the URL parsing functionality of the TR069 STUN server. This flaw occurs due to insufficient bounds checking on the amount of URL parameters, allowing an attacker to exploit the overflow by sending a maliciously crafted request. Consequently, a remote attacker can execute arbitrary code with elevated privileges.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51138",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T16:59:55.612494Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T21:31:37.139Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and earlier; Vigor2133/2762/2832 3.9.9 and earlier; Vigor2135/2765/2766 4.4.5. and earlier; Vigor2865/2866/2927 4.4.5.3 and earlier; Vigor2962 4.3.2.8 and earlier; Vigor3912 4.3.6.1 and earlier; Vigor3910 4.4.3.1 and earlier a stack-based buffer overflow vulnerability has been identified in the URL parsing functionality of the TR069 STUN server. This flaw occurs due to insufficient bounds checking on the amount of URL parameters, allowing an attacker to exploit the overflow by sending a maliciously crafted request. Consequently, a remote attacker can execute arbitrary code with elevated privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T20:46:11.945Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://draytek.com"
},
{
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51138",
"datePublished": "2025-02-27T00:00:00.000Z",
"dateReserved": "2024-10-28T00:00:00.000Z",
"dateUpdated": "2025-02-28T21:31:37.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41340 (GCVE-0-2024-41340)
Vulnerability from cvelistv5
Published
2025-02-27 00:00
Modified
2025-02-28 21:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload crafted APP Enforcement modules, leading to arbitrary code execution.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41340",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T16:58:48.633348Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T21:44:05.694Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload crafted APP Enforcement modules, leading to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T20:42:52.869Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://draytek.com"
},
{
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-41340",
"datePublished": "2025-02-27T00:00:00.000Z",
"dateReserved": "2024-07-18T00:00:00.000Z",
"dateUpdated": "2025-02-28T21:44:05.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41338 (GCVE-0-2024-41338)
Vulnerability from cvelistv5
Published
2025-02-27 00:00
Modified
2025-02-28 14:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A NULL pointer dereference in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to cause a Denial of Service (DoS) via a crafted DHCP request.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41338",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T14:30:53.659267Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T14:32:28.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to cause a Denial of Service (DoS) via a crafted DHCP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T20:39:41.165Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://draytek.com"
},
{
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-41338",
"datePublished": "2025-02-27T00:00:00.000Z",
"dateReserved": "2024-07-18T00:00:00.000Z",
"dateUpdated": "2025-02-28T14:32:28.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41339 (GCVE-0-2024-41339)
Vulnerability from cvelistv5
Published
2025-02-27 00:00
Modified
2025-05-06 18:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload a crafted kernel module, allowing for arbitrary code execution.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41339",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-06T18:07:03.272786Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T18:07:42.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload a crafted kernel module, allowing for arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T20:41:03.831Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://draytek.com"
},
{
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-41339",
"datePublished": "2025-02-27T00:00:00.000Z",
"dateReserved": "2024-07-18T00:00:00.000Z",
"dateUpdated": "2025-05-06T18:07:42.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41334 (GCVE-0-2024-41334)
Vulnerability from cvelistv5
Published
2025-02-27 00:00
Modified
2025-05-06 18:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to not utilize certificate verification, allowing attackers to upload crafted APPE modules from non-official servers, leading to arbitrary code execution.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41334",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-06T18:05:40.282159Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T18:05:50.033Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to not utilize certificate verification, allowing attackers to upload crafted APPE modules from non-official servers, leading to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T20:44:23.405Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://draytek.com"
},
{
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-41334",
"datePublished": "2025-02-27T00:00:00.000Z",
"dateReserved": "2024-07-18T00:00:00.000Z",
"dateUpdated": "2025-05-06T18:05:50.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51139 (GCVE-0-2024-51139)
Vulnerability from cvelistv5
Published
2025-02-27 00:00
Modified
2025-02-28 17:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832 3.9.9 and earlier and Vigor165/166 4.2.7 and earlier and Vigor2135/2765/2766 4.4.5.1 and earlier and Vigor2865/2866/2927 4.4.5.3 and earlier and Vigor2962/3910 4.3.2.8/4.4.3.1 and earlier and Vigor3912 4.3.6.1 and earlier allows a remote attacker to execute arbitrary code via the CGI parser's handling of the "Content-Length" header of HTTP POST requests.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T16:59:54.401854Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T17:23:14.780Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832 3.9.9 and earlier and Vigor165/166 4.2.7 and earlier and Vigor2135/2765/2766 4.4.5.1 and earlier and Vigor2865/2866/2927 4.4.5.3 and earlier and Vigor2962/3910 4.3.2.8/4.4.3.1 and earlier and Vigor3912 4.3.6.1 and earlier allows a remote attacker to execute arbitrary code via the CGI parser\u0027s handling of the \"Content-Length\" header of HTTP POST requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T20:47:37.278Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://draytek.com"
},
{
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51139",
"datePublished": "2025-02-27T00:00:00.000Z",
"dateReserved": "2024-10-28T00:00:00.000Z",
"dateUpdated": "2025-02-28T17:23:14.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}