| Title | Draytek Vigor 2960v1.5.1.4 has arbitrary file deletion vulnerability in in function sub_1DF14, file mainfunction.cgi |
|---|
| Description | This vulnerability is affect Product: Draytek Vigor 2960 v1.5.1.4(the newest version), Firmware: v1.5.1.4, download link: https://fw.draytek.com.tw/Vigor2960/Firmware/v1.5.1.4/Vigor2960_v1.5.1.4.zip
It doesn’t filter var opion , so we can use /../ to path traversal. As a result, it will delete the specific file.
You can see the screenshot. The file etc/pptpd.conf is disappear, after we send poc. |
|---|
| Source | ⚠️ https://github.com/xxy1126/Vuln/blob/main/Draytek/4.md |
|---|
| User | Tmotfl (UID 41304) |
|---|
| Submission | 02/25/2023 07:44 (3 years ago) |
|---|
| Moderation | 03/03/2023 07:47 (6 days later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 221742 [DrayTek Vigor 2960 1.5.1.4/1.5.1.5 Web Management Interface mainfunction.cgi sub_1DF14 option path traversal] |
|---|
| Points | 0 |
|---|