CVE-2024-51252 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi restore command injection

Posted by Angelo Barbosa | Nov 1, 2024 | CVE

A vulnerability was found in Draytek Vigor 3900 1.5.1.3. It has been declared as critical. Affected by this vulnerability is the function restore of the file mainfunction.cgi. The manipulation leads to command injection.

This vulnerability is known as CVE-2024-51252. The attack can be launched remotely. There is no exploit available.

CVE-2024-51252 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi restore command injection

Related Posts

CVE-2024-33051 | Qualcomm Snapdragon Auto up to QCC2073 Beacon Frame buffer over-read

CVE-2024-36120 | ben-sb javascript-deobfuscator up to 1.0.x code injection

CVE-2024-2925 | Beaver Builder Plugin up to 2.8.0.5 on WordPress Button cross site scripting

CVE-2024-22359 | IBM UrbanCode Deploy/DevOps Deploy Web UI cross site scripting (XFDB-280897)