CVE-2024-45893 | DrayTek Vigor 3900 1.5.1.3 cgi-bin/mainfunction.cgi setSWMOption action command injection

Posted by Angelo Barbosa | Nov 4, 2024 | CVE

A vulnerability classified as critical has been found in DrayTek Vigor 3900 1.5.1.3. This affects the function setSWMOption of the file cgi-bin/mainfunction.cgi. The manipulation of the argument action leads to command injection.

This vulnerability is uniquely identified as CVE-2024-45893. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-45893 | DrayTek Vigor 3900 1.5.1.3 cgi-bin/mainfunction.cgi setSWMOption action command injection

Related Posts

CVE-2023-32725 | Zabbix up to 6.0.21/6.4.6/7.0.0alpha3 Session Cookie cookie validation

CVE-2024-36505 | Fortinet FortiOS up to 6.4.15/7.0.14/7.2.7/7.4.3 access control (FG-IR-24-012)

CVE-2023-6534 | FreeBSD pf access control

CVE-2024-0757 | Insert or Embed Articulate Content Plugin up to 4.3000000023 on WordPress unrestricted upload