CVE-2024-51304 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi ldap_search_dn command injection

Inserito da Angelo Barbosa | Ott 30, 2024 | CVE

A vulnerability has been found in Draytek Vigor 3900 1.5.1.3 and classified as critical. This vulnerability affects the function ldap_search_dn of the file mainfunction.cgi. The manipulation leads to command injection.

This vulnerability was named CVE-2024-51304. The attack can be initiated remotely. There is no exploit available.

CVE-2024-51304 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi ldap_search_dn command injection

Post correlati

CVE-2024-46451 | TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 setWiFiAclRules desc buffer overflow

CVE-2024-5914 | Palo Alto Cortex XSOAR CommonScripts prior 1.12.33 command injection

CVE-2023-48118 | Quest Analytics IQCRM 2023.9.5 WSDL Page Common.svc sql injection

CVE-2024-33799 | campcodes Complete Web-Based School Management System 1.0 /model/get_teacher.php id sql injection