CVE-2024-51259 | DrayTek Vigor 3900 1.5.1.3 mainfunction.cgi setup_cacertificate command injection

Inserito da Angelo Barbosa | Ott 31, 2024 | CVE

A vulnerability, which was classified as critical, has been found in DrayTek Vigor 3900 1.5.1.3. Affected by this issue is the function setup_cacertificate of the file mainfunction.cgi. The manipulation leads to command injection.

This vulnerability is handled as CVE-2024-51259. Access to the local network is required for this attack. There is no exploit available.

CVE-2024-51259 | DrayTek Vigor 3900 1.5.1.3 mainfunction.cgi setup_cacertificate command injection

Post correlati

CVE-2024-4752 | EventON Plugin up to 2.2.14 on WordPress Setting cross site scripting

CVE-2024-20450 | Cisco Small Business IP Phones up to 7.6.2SR7 Web-based Management Interface buffer overflow (cisco-sa-spa-http-vulns-RJZmX2Xz)

CVE-2024-37259 | WP Extended Ultimate Toolkit Plugin up to 2.4.7 on WordPress cross site scripting

CVE-2024-43411 | CKeditor4 up to 4.24.x cross site scripting