| Titel | Draytek Vigor 2960v1.5.1.4 has arbitrary file deletion vulnerability in in function sub_1DF14, file mainfunction.cgi |
|---|
| Beschreibung | This vulnerability is affect Product: Draytek Vigor 2960 v1.5.1.4(the newest version), Firmware: v1.5.1.4, download link: https://fw.draytek.com.tw/Vigor2960/Firmware/v1.5.1.4/Vigor2960_v1.5.1.4.zip
It doesn’t filter var opion , so we can use /../ to path traversal. As a result, it will delete the specific file.
You can see the screenshot. The file etc/pptpd.conf is disappear, after we send poc. |
|---|
| Quelle | ⚠️ https://github.com/xxy1126/Vuln/blob/main/Draytek/4.md |
|---|
| Benutzer | Tmotfl (UID 41304) |
|---|
| Einreichung | 25.02.2023 07:44 (vor 3 Jahren) |
|---|
| Moderieren | 03.03.2023 07:47 (6 days later) |
|---|
| Status | Duplikat |
|---|
| VulDB Eintrag | 221742 [DrayTek Vigor 2960 1.5.1.4/1.5.1.5 Web Management Interface mainfunction.cgi sub_1DF14 option Directory Traversal] |
|---|
| Punkte | 0 |
|---|