exploitDog

GHSA-64xw-25gj-x6w6

Опубликовано: 30 окт. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function.

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function.

Ссылки

EPSS

Процентиль: 31%

0.00115

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2024-51257

CVSS3: 8.8

nvd

больше 1 года назад

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function.

EPSS

Процентиль: 31%

0.00115

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-77