Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2024-3314
Vulnerability from csaf_certbund
Published
2024-10-30 23:00
Modified
2024-11-05 23:00
Summary
DrayTek Vigor: Mehrere Schwachstellen ermöglichen Codeausführung
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
DrayTek Vigor ist eine Serie von Netzwerkgeräten, die von der Firma DrayTek hergestellt wird
Angriff
Ein entfernter anonymer oder authentifizierter Angreifer kann mehrere Schwachstellen in DrayTek Vigor ausnutzen, um beliebigen Code auszuführen.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "DrayTek Vigor ist eine Serie von Netzwerkger\u00e4ten, die von der Firma DrayTek hergestellt wird",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter anonymer oder authentifizierter Angreifer kann mehrere Schwachstellen in DrayTek Vigor ausnutzen, um beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3314 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3314.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3314 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3314"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2024-10-30",
"url": "https://github.com/advisories/GHSA-64xw-25gj-x6w6"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2024-10-30",
"url": "https://github.com/advisories/GHSA-8xq2-3cqg-9xfj"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2024-10-30",
"url": "https://github.com/advisories/GHSA-fh9m-mpjc-38hg"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2024-10-30",
"url": "https://github.com/advisories/GHSA-fv52-m5w8-2242"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2024-10-30",
"url": "https://github.com/advisories/GHSA-v76h-6p79-mvh2"
},
{
"category": "external",
"summary": "PoC auf Github vom 2024-10-30",
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2024-10-30",
"url": "https://github.com/advisories/GHSA-jwgw-4h9p-rxx6"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2024-10-30",
"url": "https://github.com/advisories/GHSA-qq59-g9rc-v6vx"
}
],
"source_lang": "en-US",
"title": "DrayTek Vigor: Mehrere Schwachstellen erm\u00f6glichen Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2024-11-05T23:00:00.000+00:00",
"generator": {
"date": "2024-11-06T11:05:13.376+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3314",
"initial_release_date": "2024-10-30T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-30T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-10-31T23:00:00.000+00:00",
"number": "2",
"summary": "CVE\u0027s erg\u00e4nzt"
},
{
"date": "2024-11-03T23:00:00.000+00:00",
"number": "3",
"summary": "CVE\u0027s erg\u00e4nzt"
},
{
"date": "2024-11-04T23:00:00.000+00:00",
"number": "4",
"summary": "CVE erg\u00e4nzt"
},
{
"date": "2024-11-05T23:00:00.000+00:00",
"number": "5",
"summary": "CVE\u0027s erg\u00e4nzt"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3900 1.5.1.3",
"product": {
"name": "DrayTek Vigor 3900 1.5.1.3",
"product_id": "T038703",
"product_identification_helper": {
"cpe": "cpe:/h:draytek:vigor:3900_1.5.1.3"
}
}
}
],
"category": "product_name",
"name": "Vigor"
}
],
"category": "vendor",
"name": "DrayTek"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45882",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-45882"
},
{
"cve": "CVE-2024-45884",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-45884"
},
{
"cve": "CVE-2024-45885",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-45885"
},
{
"cve": "CVE-2024-45889",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-45889"
},
{
"cve": "CVE-2024-45891",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-45891"
},
{
"cve": "CVE-2024-51244",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51244"
},
{
"cve": "CVE-2024-51245",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51245"
},
{
"cve": "CVE-2024-51247",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51247"
},
{
"cve": "CVE-2024-51248",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51248"
},
{
"cve": "CVE-2024-51249",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51249"
},
{
"cve": "CVE-2024-51252",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51252"
},
{
"cve": "CVE-2024-51254",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51254"
},
{
"cve": "CVE-2024-51255",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51255"
},
{
"cve": "CVE-2024-51257",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51257"
},
{
"cve": "CVE-2024-51258",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51258"
},
{
"cve": "CVE-2024-51259",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51259"
},
{
"cve": "CVE-2024-51260",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51260"
},
{
"cve": "CVE-2024-51298",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51298"
},
{
"cve": "CVE-2024-51301",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51301"
},
{
"cve": "CVE-2024-51304",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im DrayTek Vigor3900. Diese Fehler existieren wegen verschiedener Probleme bei der Befehlsinjektion. Durch den Aufruf bestimmter Funktionen kann ein entfernter, anonymer oder authentifizierter Angreifer diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren. Zur Ausnutzung einiger diese Schwachstellen ist eine Anmeldung erforderlich."
}
],
"product_status": {
"known_affected": [
"T038703"
]
},
"release_date": "2024-10-30T23:00:00.000+00:00",
"title": "CVE-2024-51304"
}
]
}
CVE-2024-51301 (GCVE-0-2024-51301)
Vulnerability from cvelistv5
Published
2024-10-30 00:00
Modified
2024-10-30 17:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the packet_monitor function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51301",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T17:15:10.087598Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T17:15:48.466Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the packet_monitor function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T13:08:20.402687",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51301",
"datePublished": "2024-10-30T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-10-30T17:15:48.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51258 (GCVE-0-2024-51258)
Vulnerability from cvelistv5
Published
2024-10-30 00:00
Modified
2024-10-30 17:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doSSLTunnel function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51258",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T17:32:51.544255Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T17:35:03.692Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doSSLTunnel function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T16:17:24.299680",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51258",
"datePublished": "2024-10-30T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-10-30T17:35:03.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51304 (GCVE-0-2024-51304)
Vulnerability from cvelistv5
Published
2024-10-30 00:00
Modified
2024-10-30 17:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ldap_search_dn function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51304",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T17:21:47.940284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T17:22:21.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ldap_search_dn function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T13:02:49.982113",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51304",
"datePublished": "2024-10-30T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-10-30T17:22:21.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45882 (GCVE-0-2024-45882)
Vulnerability from cvelistv5
Published
2024-11-04 00:00
Modified
2024-11-04 16:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DrayTek Vigor3900 1.5.1.3 contains a command injection vulnerability. This vulnerability occurs when the `action` parameter in `cgi-bin/mainfunction.cgi` is set to `delete_map_profile.`
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45882",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T16:47:38.444786Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T16:57:45.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DrayTek Vigor3900 1.5.1.3 contains a command injection vulnerability. This vulnerability occurs when the `action` parameter in `cgi-bin/mainfunction.cgi` is set to `delete_map_profile.`"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T14:38:55.126181",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/N1nEmAn/wp/blob/main/test_v.zip"
},
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-45882",
"datePublished": "2024-11-04T00:00:00",
"dateReserved": "2024-09-11T00:00:00",
"dateUpdated": "2024-11-04T16:57:45.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51298 (GCVE-0-2024-51298)
Vulnerability from cvelistv5
Published
2024-10-30 00:00
Modified
2025-03-19 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doGRETunnel function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5..1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51298",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T15:24:07.742583Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T20:47:20.953Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doGRETunnel function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T13:22:00.907Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51298",
"datePublished": "2024-10-30T00:00:00.000Z",
"dateReserved": "2024-10-28T00:00:00.000Z",
"dateUpdated": "2025-03-19T20:47:20.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51249 (GCVE-0-2024-51249)
Vulnerability from cvelistv5
Published
2024-11-04 00:00
Modified
2024-11-04 17:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the reboot function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51249",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T16:47:43.500870Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:01:44.361Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the reboot function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T13:21:47.499485",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51249",
"datePublished": "2024-11-04T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-11-04T17:01:44.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51247 (GCVE-0-2024-51247)
Vulnerability from cvelistv5
Published
2024-11-01 00:00
Modified
2024-11-04 17:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doPPPo function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51247",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T16:47:52.458686Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:04:32.329Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doPPPo function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T17:02:09.096779",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51247",
"datePublished": "2024-11-01T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-11-04T17:04:32.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45884 (GCVE-0-2024-45884)
Vulnerability from cvelistv5
Published
2024-11-04 00:00
Modified
2024-11-04 16:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the `action` parameter in `cgi-bin/mainfunction.cgi` is set to `setSWMGroup.`
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45884",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T16:47:37.263847Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T16:57:11.329Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the `action` parameter in `cgi-bin/mainfunction.cgi` is set to `setSWMGroup.`"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T14:36:21.267921",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/N1nEmAn/wp/blob/main/test_v.zip"
},
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-45884",
"datePublished": "2024-11-04T00:00:00",
"dateReserved": "2024-09-11T00:00:00",
"dateUpdated": "2024-11-04T16:57:11.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51245 (GCVE-0-2024-51245)
Vulnerability from cvelistv5
Published
2024-11-01 00:00
Modified
2024-11-04 17:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In DrayTek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the rename_table function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51245",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T16:47:53.512882Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:04:44.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In DrayTek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the rename_table function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T16:15:16.615097",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51245",
"datePublished": "2024-11-01T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-11-04T17:04:44.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51248 (GCVE-0-2024-51248)
Vulnerability from cvelistv5
Published
2024-11-01 00:00
Modified
2024-11-04 17:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the modifyrow function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51248",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T16:47:51.512044Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:04:23.603Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the modifyrow function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T17:04:45.602483",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51248",
"datePublished": "2024-11-01T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-11-04T17:04:23.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51259 (GCVE-0-2024-51259)
Vulnerability from cvelistv5
Published
2024-10-31 00:00
Modified
2024-10-31 18:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the setup_cacertificate function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51259",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-31T18:24:44.852897Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T18:25:18.179Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the setup_cacertificate function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T13:53:39.741865",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51259",
"datePublished": "2024-10-31T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-10-31T18:25:18.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51254 (GCVE-0-2024-51254)
Vulnerability from cvelistv5
Published
2024-10-31 00:00
Modified
2024-10-31 14:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the sign_cacertificate function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51254",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-31T14:30:31.515025Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T14:51:54.845Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the sign_cacertificate function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T13:59:32.710821",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51254",
"datePublished": "2024-10-31T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-10-31T14:51:54.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51257 (GCVE-0-2024-51257)
Vulnerability from cvelistv5
Published
2024-10-30 00:00
Modified
2024-10-30 15:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51257",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T15:11:32.123629Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:17:40.091Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T13:36:44.722605",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51257",
"datePublished": "2024-10-30T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-10-30T15:17:40.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51255 (GCVE-0-2024-51255)
Vulnerability from cvelistv5
Published
2024-10-31 00:00
Modified
2024-10-31 18:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequest_certificate function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51255",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-31T18:23:41.311376Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T18:24:24.979Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequest_certificate function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T15:27:05.051641",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51255",
"datePublished": "2024-10-31T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-10-31T18:24:24.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45889 (GCVE-0-2024-45889)
Vulnerability from cvelistv5
Published
2024-11-04 00:00
Modified
2024-11-04 17:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the `action` parameter in `cgi-bin/mainfunction.cgi` is set to `commandTable.`
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45889",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T16:47:40.683991Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:01:17.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the `action` parameter in `cgi-bin/mainfunction.cgi` is set to `commandTable.`"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T14:23:29.104106",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/N1nEmAn/wp/blob/main/test_v.zip"
},
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-45889",
"datePublished": "2024-11-04T00:00:00",
"dateReserved": "2024-09-11T00:00:00",
"dateUpdated": "2024-11-04T17:01:17.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51244 (GCVE-0-2024-51244)
Vulnerability from cvelistv5
Published
2024-11-01 00:00
Modified
2024-11-04 17:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doIPSec function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51244",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T16:47:54.422719Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:05:00.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doIPSec function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T16:08:28.806826",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51244",
"datePublished": "2024-11-01T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-11-04T17:05:00.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51260 (GCVE-0-2024-51260)
Vulnerability from cvelistv5
Published
2024-10-31 00:00
Modified
2024-10-31 18:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acme_process function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51260",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-31T18:18:40.389262Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T18:22:54.560Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the acme_process function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T15:32:20.221793",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51260",
"datePublished": "2024-10-31T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-10-31T18:22:54.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51252 (GCVE-0-2024-51252)
Vulnerability from cvelistv5
Published
2024-11-01 00:00
Modified
2024-11-04 20:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the restore function.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-51252",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T20:50:44.893195Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T20:52:26.636Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the restore function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T17:27:43.482471",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-51252",
"datePublished": "2024-11-01T00:00:00",
"dateReserved": "2024-10-28T00:00:00",
"dateUpdated": "2024-11-04T20:52:26.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45885 (GCVE-0-2024-45885)
Vulnerability from cvelistv5
Published
2024-11-04 00:00
Modified
2024-11-04 16:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the `action` parameter in `cgi-bin/mainfunction.cgi` is set to `autodiscovery_clear.`
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45885",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T16:47:36.045726Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T16:54:21.528Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the `action` parameter in `cgi-bin/mainfunction.cgi` is set to `autodiscovery_clear.`"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T14:33:17.324799",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/N1nEmAn/wp/blob/main/test_v.zip"
},
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-45885",
"datePublished": "2024-11-04T00:00:00",
"dateReserved": "2024-09-11T00:00:00",
"dateUpdated": "2024-11-04T16:54:21.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45891 (GCVE-0-2024-45891)
Vulnerability from cvelistv5
Published
2024-11-04 00:00
Modified
2024-11-04 16:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the `action` parameter in `cgi-bin/mainfunction.cgi` is set to `delete_wlan_profile.`
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vigor3900_firmware",
"vendor": "draytek",
"versions": [
{
"status": "affected",
"version": "1.5.1.3"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45891",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T16:47:34.880228Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T16:54:11.546Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the `action` parameter in `cgi-bin/mainfunction.cgi` is set to `delete_wlan_profile.`"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T14:41:36.492433",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/N1nEmAn/wp/blob/main/test_v.zip"
},
{
"url": "https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor3900/1.5.1.3/DrayTek_Vigor_3900_1.5.1.3.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-45891",
"datePublished": "2024-11-04T00:00:00",
"dateReserved": "2024-09-11T00:00:00",
"dateUpdated": "2024-11-04T16:54:11.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…