CVE-2020-14993

A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:04

Type Values Removed Values Added
References () https://github.com/dexterone/Vigor-poc - Exploit, Third Party Advisory () https://github.com/dexterone/Vigor-poc - Exploit, Third Party Advisory
References () https://www.draytek.com/about/security-advisory - Vendor Advisory () https://www.draytek.com/about/security-advisory - Vendor Advisory
References () https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability-%28cve-2020-14473%29 - () https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability-%28cve-2020-14473%29 -

07 Nov 2023, 03:17

Type Values Removed Values Added
References
  • {'url': 'https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability-(cve-2020-14473)', 'name': 'https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability-(cve-2020-14473)', 'tags': ['Patch', 'Vendor Advisory'], 'refsource': 'CONFIRM'}
  • () https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability-%28cve-2020-14473%29 -

Information

Published : 2020-06-23 12:15

Updated : 2024-11-21 05:04


NVD link : CVE-2020-14993

Mitre link : CVE-2020-14993

CVE.ORG link : CVE-2020-14993


JSON object : View

Products Affected

draytek

  • vigor3900_firmware
  • vigor3900
  • vigor300b_firmware
  • vigor2960
  • vigor2960_firmware
  • vigor300b
CWE
CWE-787

Out-of-bounds Write