إرسال #94470: Draytek Vigor 2960v1.5.1.4 has command injection vulnerability in function sub_1225C, file mainfunction.cgi المعلومات

عنوان	Draytek Vigor 2960v1.5.1.4 has command injection vulnerability in function sub_1225C, file mainfunction.cgi
الوصف	This vulnerability is in Product: Draytek Vigor 2960 v1.5.1.4(the newest version). Firmware download link: https://fw.draytek.com.tw/Vigor2960/Firmware/v1.5.1.4/Vigor2960_v1.5.1.4.zip This vulnerability is in function sub_1225C, file mainfunction.cgi. It does not filter var password, so we can achieve command injection. More information about this vulnerability is shown in the advisory link.
المصدر	⚠️ https://github.com/xxy1126/Vuln/blob/main/Draytek/2.md
المستخدم	Tmotfl (UID 41304)
ارسال	25/02/2023 07:18 AM (3 سنوات منذ)
الاعتدال	03/03/2023 07:49 AM (6 days later)
الحالة	تمت الموافقة
إدخال VulDB	222258 [DrayTek Vigor 2960 1.5.1.4/1.5.1.5 Web Management Interface mainfunction.cgi كلمة المرور تجاوز الصلاحيات]
النقاط	20

Might our Artificial Intelligence support you?

Check our Alexa App!