CVE-2024-44844 | DrayTek Vigor3900 1.5.1.6 run_command name command injection

Posted by Angelo Barbosa | Sep 6, 2024 | CVE

A vulnerability was found in DrayTek Vigor3900 1.5.1.6. It has been declared as critical. Affected by this vulnerability is the function run_command. The manipulation of the argument name leads to command injection.

This vulnerability is known as CVE-2024-44844. The attack can be launched remotely. There is no exploit available.

CVE-2024-44844 | DrayTek Vigor3900 1.5.1.6 run_command name command injection

Related Posts

CVE-2024-29999 | Microsoft unknown vulnerability

CVE-2023-6949 | DJI Mini 3 Pro prior 01.00.1200 HTTP Service missing authentication

CVE-2024-27921 | grav up to 1.7.44 path traversal

CVE-2024-8124 | GitLab Community Edition/Enterprise Edition up to 17.1.6/17.2.4/17.3.1 glm_source redos (Issue 480533)