Submit #468795: DrayTek Vigor2960, Vigor300B 1.5.1.4 Command Injection

Title: DrayTek Vigor2960, Vigor300B 1.5.1.4 Command Injection
Description: DrayTek Gateway devices, including models Vigor2960 and Vigor300B, are vulnerable to command injection via the web management interface. The vulnerability can be exploited by sending a malformed HTTP request to the `/cgi-bin/mainfunction.cgi/apmcfgupload` endpoint. An attacker can inject arbitrary commands by manipulating the `session` parameter, affecting over 66,000 Internet-connected devices.
Source: https://netsecfish.notion.site/Command-Injection-in-apmcfgupload-endpoint-for-DrayTek-Gateway-Devices-1676b683e67c8040b7f1f0ffe29ce18f?pvs=4
User: netsecfish (UID 64568)
Submission: 12/25/2024 09:14 AM (2 months ago)
Moderation: 12/27/2024 09:04 AM (2 days later)
Status: Accepted
VulDB Entry: 289380 [DrayTek Vigor2960/Vigor300B 1.5.1.4 Web Management Interface apmcfgupload session os command injection]
Points: 19