exploitDog

GHSA-fh9m-mpjc-38hg

Опубликовано: 30 окт. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doGRETunnel function.

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doGRETunnel function.

Ссылки

EPSS

Процентиль: 33%

0.00133

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2024-51298

CVSS3: 9.8

nvd

больше 1 года назад

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doGRETunnel function.

EPSS

Процентиль: 33%

0.00133

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94