CVE-2024-46316 | Draytek Vigor3900 1.5.1.6 HTTP Message mainfunction.cgi sub_2C920 command injection

Inserito da Angelo Barbosa | Ott 9, 2024 | CVE

A vulnerability has been found in Draytek Vigor3900 1.5.1.6 and classified as critical. Affected by this vulnerability is the function sub_2C920 of the file /cgi-bin/mainfunction.cgi of the component HTTP Message Handler. The manipulation leads to command injection.

This vulnerability is known as CVE-2024-46316. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-46316 | Draytek Vigor3900 1.5.1.6 HTTP Message mainfunction.cgi sub_2C920 command injection

Post correlati

CVE-2024-0769 | D-Link DIR-859 1.06B01 HTTP POST Request /hedwig.cgi service path traversal

CVE-2024-7054 | Popup Maker Plugin up to 1.19.0 on WordPress cross site scripting

CVE-2024-22239 | VMware Aria Operations for Networks prior 6.12 Console Local Privilege Escalation (VMSA-2024-0002)

CVE-2024-5260 | Sina Extension for Elementor Plugin up to 3.5.5 on WordPress read_more_text cross site scripting