CVE-2024-48074 | DrayTek Vigor 2960 1.4.4 cgi-bin/mainfunction.cgi doPPPoE table command injection

Posted by Angelo Barbosa | Oct 28, 2024 | CVE

A vulnerability classified as critical has been found in DrayTek Vigor 2960 1.4.4. Affected is the function doPPPoE of the file cgi-bin/mainfunction.cgi. The manipulation of the argument table leads to command injection.

This vulnerability is traded as CVE-2024-48074. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-48074 | DrayTek Vigor 2960 1.4.4 cgi-bin/mainfunction.cgi doPPPoE table command injection

Related Posts

CVE-2024-32946 | LevelOne WBR-6012 R0.40e6 Web Service/FTP Service cleartext transmission (TALOS-2024-1983)

CVE-2024-37244 | Ninja Team Ninja Beaver Add-ons for Beaver Builder Plugin up to 2.4.5 on WordPress cross site scripting

CVE-2024-50836 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request /lms/admin/teachers.php firstname/lastname cross site scripting

CVE-2024-3896 | Photo Gallery, Images, Slider in Rbs Image Gallery Plugin Gallery Title cross site scripting