DrayTek Vigor2960 v1.5.1.4 allows an authenticated attacker with network access to the web management interface to inject operating system commands via the mainfunction.cgi 'parameter' parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
References
Configurations
Configuration 1 (hide)
AND |
|
History
01 Aug 2024, 13:43
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-78 |
22 Nov 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | DrayTek Vigor2960 v1.5.1.4 allows an authenticated attacker with network access to the web management interface to inject operating system commands via the mainfunction.cgi 'parameter' parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
22 Nov 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | DrayTek Vigor2960 v1.5.1.4 allows an authenticated attacker with network access to the web management interface to inject operating system commands via the mainfunction.cgi 'parameter' parameter. |
Information
Published : 2023-03-15 18:15
Updated : 2024-08-02 11:16
NVD link : CVE-2023-24229
Mitre link : CVE-2023-24229
CVE.ORG link : CVE-2023-24229
JSON object : View
Products Affected
draytek
- vigor2960
- vigor2960_firmware