CVE-2024-51260 | DrayTek Vigor 3900 1.5.1.3 mainfunction.cgi acme_process command injection

Inserito da Angelo Barbosa | Ott 31, 2024 | CVE

A vulnerability, which was classified as critical, has been found in DrayTek Vigor 3900 1.5.1.3. Affected by this issue is the function acme_process of the file mainfunction.cgi. The manipulation leads to command injection.

This vulnerability is handled as CVE-2024-51260. The attack may be launched remotely. There is no exploit available.

CVE-2024-51260 | DrayTek Vigor 3900 1.5.1.3 mainfunction.cgi acme_process command injection

Post correlati

CVE-2024-33110 | D-Link DIR-845L up to 1.01KRb0 getcfg.php permission

CVE-2024-10857 | Product Input Fields for WooCommerce Plugin up to 1.9 on WordPress path traversal

CVE-2024-6119 | OpenSSL up to 3.0.14/3.1.6/3.2.2/3.3.1 TLS Server Certificate Check type confusion

CVE-2024-0297 | Totolink N200RE 9.3.5u.6139_B20201216 /cgi-bin/cstecgi.cgi UploadFirmwareFile FileName os command injection