CVE-2024-51252 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi restore command injection

Posted by Angelo Barbosa | Nov 1, 2024 | CVE

A vulnerability was found in Draytek Vigor 3900 1.5.1.3. It has been declared as critical. Affected by this vulnerability is the function restore of the file mainfunction.cgi. The manipulation leads to command injection.

This vulnerability is known as CVE-2024-51252. The attack can be launched remotely. There is no exploit available.

CVE-2024-51252 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi restore command injection

Related Posts

CVE-2024-40633 | Sylius up to 1.12.18/1.13.3 on Symfony {id} information disclosure

CVE-2024-29810 | 10Web PhotoGallery Plugin up to 1.8.21 on WordPress admin-ajax.php thumb_url cross site scripting

CVE-2024-50581 | JetBrains YouTrack up to 2024.3.47197 Comment Tag cross site scripting

CVE-2024-22682 | DuckDB/DuckDB extension-template up to 0.9.2 injection