CVE-2024-45888 | DrayTek Vigor 3900 1.5.1.3 cgi-bin/mainfunction.cgi set_ap_map_config action command injection

Posted by Angelo Barbosa | Nov 4, 2024 | CVE

A vulnerability classified as critical was found in DrayTek Vigor 3900 1.5.1.3. This vulnerability affects the function set_ap_map_config of the file cgi-bin/mainfunction.cgi. The manipulation of the argument action leads to command injection.

This vulnerability was named CVE-2024-45888. The attack can be initiated remotely. There is no exploit available.

CVE-2024-45888 | DrayTek Vigor 3900 1.5.1.3 cgi-bin/mainfunction.cgi set_ap_map_config action command injection

Related Posts

CVE-2024-6539 | heyewei SpringBootCMS up to 2024-05-28 Guestbook /guestbook Content cross site scripting (IA9D7F)

CVE-2024-20266 | Cisco IOS XR DHCPv4 Server denial of service (cisco-sa-iosxr-dhcp-dos-3tgPKRdm)

CVE-2024-4022 | Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 up to 4.1.2.15 Version Data /version.js information disclosure

CVE-2024-27295 | Directus up to 10.8.2 Password Reset name resolution