CVE-2022-32548

An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.

Configurations

Configuration 1

AND
cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*

Configuration 2

AND
cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*

Configuration 3

AND
cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*

Configuration 4

AND
cpe:2.3:o:draytek:vigor2962p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2962p:-:*:*:*:*:*:*:*

Configuration 5

AND
cpe:2.3:o:draytek:vigor2927_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2927:-:*:*:*:*:*:*:*

Configuration 6

AND
cpe:2.3:o:draytek:vigor2927ax_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2927ax:-:*:*:*:*:*:*:*

Configuration 7

AND
cpe:2.3:o:draytek:vigor2927ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2927ac:-:*:*:*:*:*:*:*

Configuration 8

AND
cpe:2.3:o:draytek:vigor2927vac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2927vac:-:*:*:*:*:*:*:*

Configuration 9

AND
cpe:2.3:o:draytek:vigor2927l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2927l:-:*:*:*:*:*:*:*

Configuration 10

AND
cpe:2.3:o:draytek:vigor2927lac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2927lac:-:*:*:*:*:*:*:*

Configuration 11

AND
cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*

Configuration 12

AND
cpe:2.3:o:draytek:vigor2915ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2915ac:-:*:*:*:*:*:*:*

Configuration 13

AND
cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*

Configuration 14

AND
cpe:2.3:o:draytek:vigor2952p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2952p:-:*:*:*:*:*:*:*

Configuration 15

AND
cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*

Configuration 16

AND
cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*

Configuration 17

AND
cpe:2.3:o:draytek:vigor2926n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2926n:-:*:*:*:*:*:*:*

Configuration 18

AND
cpe:2.3:o:draytek:vigor2926ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2926ac:-:*:*:*:*:*:*:*

Configuration 19

AND
cpe:2.3:o:draytek:vigor2926vac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2926vac:-:*:*:*:*:*:*:*

Configuration 20

AND
cpe:2.3:o:draytek:vigor2926l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2926l:-:*:*:*:*:*:*:*

Configuration 21

AND
cpe:2.3:o:draytek:vigor2926ln_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2926ln:-:*:*:*:*:*:*:*

Configuration 22

AND
cpe:2.3:o:draytek:vigor2926lac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2926lac:-:*:*:*:*:*:*:*

Configuration 23

AND
cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*

Configuration 24

AND
cpe:2.3:o:draytek:vigor2862n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2862n:-:*:*:*:*:*:*:*

Configuration 25

AND
cpe:2.3:o:draytek:vigor2862ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2862ac:-:*:*:*:*:*:*:*

Configuration 26

AND
cpe:2.3:o:draytek:vigor2862vac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2862vac:-:*:*:*:*:*:*:*

Configuration 27

AND
cpe:2.3:o:draytek:vigor2862b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2862b:-:*:*:*:*:*:*:*

Configuration 28

AND
cpe:2.3:o:draytek:vigor2862bn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2862bn:-:*:*:*:*:*:*:*

Configuration 29

AND
cpe:2.3:o:draytek:vigor2862l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2862l:-:*:*:*:*:*:*:*

Configuration 30

AND
cpe:2.3:o:draytek:vigor2862ln_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2862ln:-:*:*:*:*:*:*:*

Configuration 31

AND
cpe:2.3:o:draytek:vigor2862lac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2862lac:-:*:*:*:*:*:*:*

Configuration 32

AND
cpe:2.3:o:draytek:vigor2620l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2620l:-:*:*:*:*:*:*:*

Configuration 33

AND
cpe:2.3:o:draytek:vigor2620ln_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2620ln:-:*:*:*:*:*:*:*

Configuration 34

AND
cpe:2.3:o:draytek:vigorlte_200n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigorlte_200n:-:*:*:*:*:*:*:*

Configuration 35

AND
cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*

Configuration 36

AND
cpe:2.3:o:draytek:vigor2133n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2133n:-:*:*:*:*:*:*:*

Configuration 37

AND
cpe:2.3:o:draytek:vigor2133ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2133ac:-:*:*:*:*:*:*:*

Configuration 38

AND
cpe:2.3:o:draytek:vigor2133vac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2133vac:-:*:*:*:*:*:*:*

Configuration 39

AND
cpe:2.3:o:draytek:vigor2133fvac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2133fvac:-:*:*:*:*:*:*:*

Configuration 40

AND
cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*

Configuration 41

AND
cpe:2.3:o:draytek:vigor2762n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2762n:-:*:*:*:*:*:*:*

Configuration 42

AND
cpe:2.3:o:draytek:vigor2762ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2762ac:-:*:*:*:*:*:*:*

Configuration 43

AND
cpe:2.3:o:draytek:vigor2762vac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2762vac:-:*:*:*:*:*:*:*

Configuration 44

AND
cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*

Configuration 45

AND
cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*

Configuration 46

AND
cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*

Configuration 47

AND
cpe:2.3:o:draytek:vigor2135ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2135ac:-:*:*:*:*:*:*:*

Configuration 48

AND
cpe:2.3:o:draytek:vigor2135vac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2135vac:-:*:*:*:*:*:*:*

Configuration 49

AND
cpe:2.3:o:draytek:vigor2135fvac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2135fvac:-:*:*:*:*:*:*:*

Configuration 50

AND
cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*

Configuration 51

AND
cpe:2.3:o:draytek:vigor2765ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2765ac:-:*:*:*:*:*:*:*

Configuration 52

AND
cpe:2.3:o:draytek:vigor2765vac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2765vac:-:*:*:*:*:*:*:*

Configuration 53

AND
cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*

Configuration 54

AND
cpe:2.3:o:draytek:vigor2766ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2766ac:-:*:*:*:*:*:*:*

Configuration 55

AND
cpe:2.3:o:draytek:vigor2766vac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2766vac:-:*:*:*:*:*:*:*

Configuration 56

AND
cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*

Configuration 57

AND
cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*

Configuration 58

AND
cpe:2.3:o:draytek:vigor2865ax_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2865ax:-:*:*:*:*:*:*:*

Configuration 59

AND
cpe:2.3:o:draytek:vigor2865ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2865ac:-:*:*:*:*:*:*:*

Configuration 60

AND
cpe:2.3:o:draytek:vigor2865vac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2865vac:-:*:*:*:*:*:*:*

Configuration 61

AND
cpe:2.3:o:draytek:vigor2865l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2865l:-:*:*:*:*:*:*:*

Configuration 62

AND
cpe:2.3:o:draytek:vigor2865lac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2865lac:-:*:*:*:*:*:*:*

Configuration 63

AND
cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*

Configuration 64

AND
cpe:2.3:o:draytek:vigor2866ax_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2866ax:-:*:*:*:*:*:*:*

Configuration 65

AND
cpe:2.3:o:draytek:vigor2866ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2866ac:-:*:*:*:*:*:*:*

Configuration 66

AND
cpe:2.3:o:draytek:vigor2866vac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2866vac:-:*:*:*:*:*:*:*

Configuration 67

AND
cpe:2.3:o:draytek:vigor2866l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2866l:-:*:*:*:*:*:*:*

Configuration 68

AND
cpe:2.3:o:draytek:vigor2866lac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor2866lac:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:06

Type: CVSS
  Values removed: v2 : unknown; v3 : 9.8
  Values added: v2 : unknown; v3 : 10.0

Type: References
  Values removed: https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers - Exploit, Third Party Advisory
  Values added: https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers - Exploit, Third Party Advisory

Type: References
  Values removed: https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html - Exploit, Third Party Advisory
  Values added: https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html - Exploit, Third Party Advisory

Information

Published : 2022-08-29 06:15

Updated : 2024-11-21 07:06


NVD link : CVE-2022-32548

Mitre link : CVE-2022-32548

CVE.ORG link : CVE-2022-32548


Products Affected

draytek

  • vigor2866ac_firmware
  • vigor2927ax_firmware
  • vigor2135
  • vigor2865lac_firmware
  • vigor2766
  • vigor2866lac_firmware
  • vigor3220
  • vigor2766_firmware
  • vigor2135fvac_firmware
  • vigor2865vac_firmware
  • vigor2926ac_firmware
  • vigor2862bn
  • vigor2865
  • vigor2133ac
  • vigor2862vac_firmware
  • vigor2865ac
  • vigor2862lac
  • vigor2135ac
  • vigor2926n_firmware
  • vigor2762
  • vigor2762ac_firmware
  • vigor2926
  • vigor2962
  • vigor2762_firmware
  • vigor2926lac
  • vigor3910_firmware
  • vigor2762vac
  • vigor2926ac
  • vigor2862_firmware
  • vigor2765ac
  • vigor2862ln
  • vigor2862lac_firmware
  • vigor2766vac
  • vigor2962p
  • vigor2862n
  • vigor2133n
  • vigor2766ac
  • vigor2862
  • vigor2133_firmware
  • vigor2926vac_firmware
  • vigor2866ax_firmware
  • vigor2865vac
  • vigor2866ac
  • vigor2866lac
  • vigor2865_firmware
  • vigor2862n_firmware
  • vigor2926l
  • vigor2766vac_firmware
  • vigor2832_firmware
  • vigor165_firmware
  • vigor2865ax
  • vigor166_firmware
  • vigor2765vac_firmware
  • vigor2927lac
  • vigor2866vac
  • vigor2135vac
  • vigor166
  • vigor2765
  • vigor2927vac
  • vigor2865lac
  • vigor2133vac
  • vigor2962_firmware
  • vigor2952
  • vigor2926vac
  • vigor2927l_firmware
  • vigor2766ac_firmware
  • vigor2915_firmware
  • vigor2866l
  • vigor2952p_firmware
  • vigor2915
  • vigor2862b
  • vigor2926ln_firmware
  • vigor2865ac_firmware
  • vigor2952_firmware
  • vigor3220_firmware
  • vigor2765ac_firmware
  • vigor1000b
  • vigor2862ac
  • vigor2862b_firmware
  • vigor2862l_firmware
  • vigor2915ac
  • vigor2762ac
  • vigor2915ac_firmware
  • vigor2926l_firmware
  • vigor2762vac_firmware
  • vigor2927_firmware
  • vigor2135fvac
  • vigor2865ax_firmware
  • vigor2133n_firmware
  • vigor2620l_firmware
  • vigor2862ln_firmware
  • vigor2862l
  • vigor2832
  • vigor2133
  • vigor165
  • vigor2927ax
  • vigor3910
  • vigor2926lac_firmware
  • vigor2926ln
  • vigor2620l
  • vigor2133vac_firmware
  • vigor2927
  • vigor2765vac
  • vigor2926_firmware
  • vigor2862vac
  • vigorlte_200n_firmware
  • vigor2135ac_firmware
  • vigor2865l
  • vigor2927l
  • vigor2952p
  • vigor2927ac_firmware
  • vigor2865l_firmware
  • vigor2762n_firmware
  • vigor2135_firmware
  • vigor2765_firmware
  • vigor2620ln
  • vigor2866
  • vigor2862bn_firmware
  • vigor2926n
  • vigor2133fvac
  • vigor2866l_firmware
  • vigor2866_firmware
  • vigor2133fvac_firmware
  • vigor2962p_firmware
  • vigor2927ac
  • vigor2862ac_firmware
  • vigor2927vac_firmware
  • vigorlte_200n
  • vigor2135vac_firmware
  • vigor2927lac_firmware
  • vigor1000b_firmware
  • vigor2133ac_firmware
  • vigor2866ax
  • vigor2762n
  • vigor2620ln_firmware
  • vigor2866vac_firmware
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')