Filtered by vendor Draytek
Subscribe
Total
76 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-41587 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-10-04 | N/A | 5.4 MEDIUM |
Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6. | |||||
CVE-2020-15415 | 1 Draytek | 6 Vigor2960, Vigor2960 Firmware, Vigor300b and 3 more | 2024-10-04 | 7.5 HIGH | 9.8 CRITICAL |
On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used, a different issue than CVE-2020-14472. | |||||
CVE-2024-46550 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the CGIbyFieldName parameter at chglog.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46580 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the fid parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46571 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPPPSrvNm parameter at fwuser.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46568 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPeerId parameter at vpn.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46567 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the iProfileIdx parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46566 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sAppName parameter at sslapp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46565 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sSrvName parameter at service.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46564 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at fextobj.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46561 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the queryret parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46560 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pub_key parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46559 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sBPA_UsrNme parameter at inet15.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46558 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the newProname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46557 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46556 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sInRCSecret0 parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46555 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pb parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46554 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the profname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46553 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ipaddrmsk%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
CVE-2024-46552 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2024-09-24 | N/A | 7.5 HIGH |
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sStRtMskShow parameter at ipstrt.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. |