| |
Vulnerability CVE-2020-8515
Published: 2020-02-01
Description: |
DrayTek Vigor2960 1.3.1_Beta; Vigor3900 1.4.4_Beta; and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. |
See advisories in our WLB2 database: | Topic | Author | Date |
High |
| 0xsha | 02.04.2020 |
Type:
CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
)
References: |
https://sku11army.blogspot.com/2020/01/draytek-unauthenticated-rce-in-draytek.html
|
|
|
Copyright 2024, cxsecurity.com
|
|
|