Vulnerabilities (CVE)

Filtered by vendor Draytek Subscribe
Filtered by product Vigor2925vn-plus
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-16533 1 Draytek 8 Vigor2925 Firmware, Vigor2925ac, Vigor2925fn and 5 more 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. NOTE: this is an end-of-life product.
CVE-2019-16534 1 Draytek 8 Vigor2925 Firmware, Vigor2925ac, Vigor2925fn and 5 more 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product.