{"id": "CVE-2022-32548", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-08-29T06:15:09.423", "references": [{"url": "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field."}, {"lang": "es", "value": "Se ha detectado un problema en determinados routers DrayTek Vigor versiones anteriores a julio de 2022, como el Vigor3910 versiones anteriores a 4.3.1.1. El archivo /cgi-bin/wlogin.cgi presenta un desbordamiento de b\u00fafer por medio del nombre de usuario o contrase\u00f1a al campo aa o ab"}], "lastModified": "2024-11-21T07:06:36.290", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B937B768-C53B-490F-B6A8-6B0A2CC6C05A", "versionEndExcluding": "4.3.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "894E4DDA-D9BE-441D-B447-B1CE52959347"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05E81F44-7E9B-406E-BB4F-A3B6E5B82316", "versionEndExcluding": "4.3.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9FF86645-253A-4BA3-BA2A-2725575C390D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13C4AF21-4B66-4A84-95FB-268F8B644B39", "versionEndExcluding": "4.3.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BD0C9A21-7CFE-452F-8505-834AB8579D9B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2962p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17AD71DA-3550-4C1F-B2D6-BE8521E8A86C", "versionEndExcluding": "4.3.1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2962p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "85F44E9E-D6E6-44CB-A724-143EE7D74691"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2927_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "411D132F-5340-4EFF-AC02-CF4AAB9320F4", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2927:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "12460F51-25AB-4EA9-BC43-9CE8DA992D75"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2927ax_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "070AFC36-DFCF-4511-9B72-BCC5E37F5A21", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2927ax:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9C188F12-157F-4B8C-9A66-678B933E20F0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2927ac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63F379DA-0262-438F-9689-1D7824257A3A", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2927ac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B846175B-4DC0-4268-AAF2-F266BFD7646E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2927vac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E695FA8-7DC9-483B-89BC-9A55AA69C500", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2927vac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CD217200-9848-425F-B113-E624C027BC9C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2927l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAE83225-B91F-4A39-B3C9-35551B85A61C", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2927l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EC9D70E8-080B-4F0E-BA3A-ACFE8F61475B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2927lac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3AB34C6-A18C-425F-BC75-E4729FDBA462", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2927lac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FB5ABFF7-F5DA-485F-976B-5C858B85E994"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD74FED6-4AC0-4BB8-A32D-D849350968B0", "versionEndExcluding": "4.3.3.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2915ac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE8DBA39-B28F-4901-860E-DE550A8FADA9", "versionEndExcluding": "4.3.3.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2915ac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D4318B8A-B94C-4207-9731-76D35DE85034"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B3BC6B8-6B4C-4794-9394-479DF40C7F5A", "versionEndExcluding": "3.9.7.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "167336E2-AAA8-4424-AB07-2D7C9E1542B3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2952p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF2DE13B-8494-4E98-B18A-2EA35D9A7650", "versionEndExcluding": "3.9.7.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2952p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "00F421E8-00BE-4451-A948-0D9862E442E3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0996CFA6-AA5C-4EFD-BD9E-1B0F23F03804", "versionEndExcluding": "3.9.7.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "64955940-3998-4B76-92D1-D9F3FAB874B4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76E680BF-6C82-4691-92DA-D4F50E4120BB", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AF1B117B-603D-493C-A804-C18ED332A221"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2926n_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66C1DB0D-3F7F-4EF5-9F23-10AC94B4A439", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2926n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C04C85F3-C187-4F82-87A9-ECAF197ABA30"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2926ac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "957D95D2-3569-4CA0-9C05-279F32B66F44", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2926ac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "65625316-A171-4C06-BFD0-C15A5ACF58A4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2926vac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82DF224C-6CE9-43FF-A882-0C3989018D00", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2926vac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "059842A3-553B-43A0-A714-15C55DA85752"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2926l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EE43891-7DB2-4C48-97B7-9F1F3051EA7D", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2926l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "775E8858-B078-427D-BCB5-6D2B91D17A9D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2926ln_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1498B13D-10BA-49D2-8229-ADFCA5F44B20", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2926ln:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9E30F255-ECE9-4E6F-9A22-2826E548C18B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2926lac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AB36D6A-658F-4A67-BC7F-045C44A3A322", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2926lac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D4953A99-AD72-4204-BAA9-D87164349E01"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "943EEFDB-8958-41BA-84E7-BB28A218B245", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2862n_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E63AB9A5-C5AE-410E-AFA3-D32F69887D9E", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2862n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6DF8ECCA-405E-4D60-92ED-7F29F36A985F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2862ac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4982251-F1DE-46CF-8995-F9B0CAD4D758", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2862ac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CB77A5C7-026C-4172-970A-28E0D1A6F2D1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2862vac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0622A4B6-8839-4972-AC2A-1634F4241B9A", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2862vac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9CB96DDC-9961-47D4-81DF-4117A1B9C8F1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2862b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "932AA150-DCEE-4313-92E3-B9AECBD6707B", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2862b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DC7469CB-2CDE-4D2D-988A-13A482A59B28"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2862bn_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A808791A-0863-44F6-8A13-8EFF8EB8C727", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2862bn:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "60F97B4A-B323-4354-9CAC-60BCB02A44DE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2862l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "137281B3-B1F6-4EC4-BB8B-8652533E2337", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2862l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "96B57263-4900-4F2E-AA5C-554B5163F489"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2862ln_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF2D8790-A2EE-4AE1-A2DC-CC54108DD263", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2862ln:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1D1ADB5D-D2CF-464B-9F1C-45F31A032953"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2862lac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5972D23-8225-48C1-B9A5-F63531B548E1", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2862lac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A89BEEB-3F13-4C41-9133-788232DD229B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2620l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D38C4B52-81DF-40F2-8760-A25915126158", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2620l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2DD1E5ED-6A96-4C4A-87D4-692988479D01"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2620ln_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EDA1B3E-4B46-451B-9462-6BBFF5A16F28", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2620ln:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4B71980-6D7A-4B7B-9863-E85CC849ED90"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigorlte_200n_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99B65954-02D6-4B76-88F2-5787B1A55729", "versionEndExcluding": "3.9.8.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigorlte_200n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "00DC816E-1840-46F0-97C4-2BA00F5B9E64"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7646BDD0-992E-43D6-A5A9-AB5EA5E89FD3", "versionEndExcluding": "3.9.6.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1878E59C-FB40-435D-940A-8952C56FA88B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2133n_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55C8D979-63A8-419F-86CB-CFDBE8C19B2D", "versionEndExcluding": "3.9.6.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2133n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A3F57E3F-8FFB-4A48-8BFD-5245D1EF2B80"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2133ac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03D383A7-C3A8-41E8-8731-04EF97F0CCE1", "versionEndExcluding": "3.9.6.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2133ac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "196CE92C-805E-4B6A-8EA8-7A49515FB617"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2133vac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "297393CA-8855-46DD-A229-D46BA338A57C", "versionEndExcluding": "3.9.6.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2133vac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4B81C46C-C837-4C10-AE7F-9E98A1A9E15C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2133fvac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56923C0D-7FBF-4110-8220-07D2FFEA30A6", "versionEndExcluding": "3.9.6.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2133fvac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C1999AE2-3E6E-4D18-8FF1-D2A853B5975F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61F5E418-BA97-4F40-B3E6-AE256FE0EFDD", "versionEndExcluding": "3.9.6.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2762n_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C44183E5-3030-45F1-BE3E-EAA47312E6AB", "versionEndExcluding": "3.9.6.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2762n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "47B532B5-386F-4C4C-8554-C73409124306"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2762ac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E41A4B2-4C20-433F-9285-95909A0AEE3B", "versionEndExcluding": "3.9.6.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2762ac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CEA5BFB-5D2F-44B2-B995-0675243264CA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2762vac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67A1CBE5-09BF-47A6-A6CA-5FF5CEF6670F", "versionEndExcluding": "3.9.6.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2762vac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1F97B07D-BC53-42A4-BBA3-D9CF5D474C9E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71348479-95FE-4E66-A068-74DA89C82F6F", "versionEndExcluding": "4.2.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8E644893-0457-43A9-98AB-9DB37A5C415C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFE35F98-0304-415F-B8AF-93C17F8DA6CB", "versionEndExcluding": "4.2.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E33E647-5883-44FA-9915-34B89090D4E4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0394013-3F27-4ACA-81C1-17399631DF84", "versionEndExcluding": "4.4.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2135ac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1355BCF1-FB23-45B9-9201-EA25B2F33920", "versionEndExcluding": "4.4.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2135ac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "77D227B7-1121-4657-A621-AF0C0E766D90"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2135vac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBDB62F3-082E-4763-BAA0-69B78DA16B5C", "versionEndExcluding": "4.4.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2135vac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AAC1C9BE-31B5-47DD-BE09-0984EE29A957"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2135fvac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3327574-E0DB-4CB4-8BDD-C03F09D0974A", "versionEndExcluding": "4.4.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2135fvac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "625DE418-F506-4579-9C25-04DCD0FBC7ED"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D431985C-61B3-4124-A363-3124D1AAF5CC", "versionEndExcluding": "4.4.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "60657812-D3A8-4B1B-B7BE-F629991CB053"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2765ac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEB6111E-2063-4CCF-8E50-4E851264FB16", "versionEndExcluding": "4.4.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2765ac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F1B9AF22-089B-41FB-8E30-BED3E4CE32ED"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2765vac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F63944F3-F3D4-4240-819F-15694FB71C1D", "versionEndExcluding": "4.4.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2765vac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7A582D29-85D9-4FC3-B88A-42B947B9D18C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C34C4A04-A6D0-48F9-BDB0-26847CC0EBAE", "versionEndExcluding": "4.4.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2766ac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA939906-239F-40DC-B452-8FF64C9907C7", "versionEndExcluding": "4.4.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2766ac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "787134FE-0549-427D-A9CE-32B1C58BC954"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2766vac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E78CBAA-2D96-43C8-84A1-AF6CB42C8131", "versionEndExcluding": "4.4.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2766vac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "228DC583-B6BC-4948-A167-53C49B6D04B2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0928E933-244C-44E7-A7B3-C6009DD12EC2", "versionEndExcluding": "3.9.6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B0978465-D59F-4C0A-A29F-5D7BE58BA557"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98F02BBA-DADE-48C9-8802-6C170714A3DF", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "871448C6-9183-4828-A287-05F5EC6A44F6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2865ax_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57E1D55A-45D7-4427-8BF4-197853948E37", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2865ax:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "699735FA-D33E-4F32-9584-B15938FB954E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2865ac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF8F3B5B-F074-4AB1-8F2C-D4680A843781", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2865ac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B2D62A63-1E53-469C-B06C-DB6D05C7BE2F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2865vac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63B4931B-4B4E-4F30-9A53-657746F3AEEF", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2865vac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5C40B478-C28F-430A-A690-5EF9FFB4812E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2865l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AA4AF52-76AE-4356-94DD-2033D888ED32", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2865l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D4F462E8-6427-4E42-902B-07E8A9366423"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2865lac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14488AE9-7FDB-466C-A7BF-3DF43F4A9FE6", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2865lac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8B87FA44-4931-4DC4-89BE-72A591C7C355"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05E1101F-BFCE-479F-9E3C-932D56E42C9A", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2866ax_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD98A315-7484-442B-A411-CDFCDDDCC625", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2866ax:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4F84DE3D-5FFD-4D6F-877A-A656287BDD7B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2866ac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E30E7C6-C4F5-46C4-87F7-E64AD8CA1DAB", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2866ac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1E82803D-B1DE-4541-913C-9128B313AC0E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2866vac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51C16598-52C3-4302-B2EF-4714007904D5", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2866vac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5295B4DF-DE6C-4725-A22B-1186D5AB1325"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2866l_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F93460D-E72A-4F55-8471-476BD86B83BD", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2866l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "315CA850-DA5C-46E8-90A1-457320A52AA3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2866lac_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "962FC4B2-E7AE-4F4F-B6F5-7E71C9EDFFF6", "versionEndExcluding": "4.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor2866lac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4504923B-C903-432D-B4D2-287BD0145F3B"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}