Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
draytek vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23721
A Directory Traversal issue exists in process_post on Draytek Vigor3910 4.3.2.5 devices. When sending a certain POST request, it calls the function and exports information.
9.8
CVSSv3
CVE-2023-47254
An OS Command Injection in the CLI interface on DrayTek Vigor167 version 5.2.2, allows remote malicious users to execute arbitrary system commands and escalate privileges via any account created within the web interface.
Draytek Vigor167 Firmware 5.2.2
8.1
CVSSv3
CVE-2023-6265
** UNSUPPORTED WHEN ASSIGNED ** Draytek Vigor2960 v1.5.1.4 and v1.5.1.5 are vulnerable to directory traversal via the mainfunction.cgi dumpSyslog 'option' parameter allowing an authenticated attacker with access to the web management interface to delete arbitrary files....
Draytek Vigor2960 Firmware 1.5.1.4
Draytek Vigor2960 Firmware 1.5.1.5
9.8
CVSSv3
CVE-2023-31447
user_login.cgi on Draytek Vigor2620 devices prior to 3.9.8.4 (and on all versions of Vigor2925 devices) allows malicious users to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code.
Draytek Vigor2620 Firmware
Draytek Vigor2625 Firmware
9.8
CVSSv3
CVE-2023-33778
Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows malicious users to bind any aff...
Draytek Myvigor
Draytek Vigorswitch Pq2200xb Firmware
Draytek Vigorswitch Pq2121x Firmware
Draytek Vigorswitch P2540xs Firmware
Draytek Vigorswitch P2280x Firmware
Draytek Vigorswitch P2100 Firmware
Draytek Vigorswitch Q2200x Firmware
Draytek Vigorswitch Q2121x Firmware
Draytek Vigorswitch G2540xs Firmware
Draytek Vigorswitch G2280x Firmware
Draytek Vigorswitch G2121 Firmware
Draytek Vigorswitch G2100 Firmware
Draytek Vigorswitch Fx2120 Firmware
Draytek Vigorswitch P1282 Firmware
Draytek Vigorswitch G1282 Firmware
Draytek Vigorswitch G1085 Firmware
Draytek Vigorswitch G1080 Firmware
Draytek Vigorap 903 Firmware
Draytek Vigorap 912c Firmware
Draytek Vigorap 918r Firmware
Draytek Vigorap 1060c Firmware
Draytek Vigorap 906 Firmware
7.8
CVSSv3
CVE-2023-24229
DrayTek Vigor2960 v1.5.1.4 allows an authenticated attacker with network access to the web management interface to inject operating system commands via the mainfunction.cgi 'parameter' parameter. NOTE: This vulnerability only affects products that are no longer supporte...
Draytek Vigor2960 Firmware 1.5.1.4
6.1
CVSSv3
CVE-2023-23313
Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal. This affects Vigor3910, Vigor1000B, Vigor2962 v4.3.2.1; Vigor2865 and Vigor2866 v4.4.1.0; Vigor2927 v4...
Draytek Vigor2860 Firmware
Draytek Vigor2860n Firmware
Draytek Vigor2860n-plus Firmware
Draytek Vigor2860vn-plus Firmware
Draytek Vigor2860ac Firmware
Draytek Vigor2860vac Firmware
Draytek Vigor2860l Firmware
Draytek Vigor2860ln Firmware
Draytek Vigor2832 Firmware
Draytek Vigor2832n Firmware
Draytek Vigor2766 Firmware
Draytek Vigor2766ax Firmware
Draytek Vigor2766ac Firmware
Draytek Vigor2766vac Firmware
Draytek Vigor2765 Firmware
Draytek Vigor2765ax Firmware
Draytek Vigor2765ac Firmware
Draytek Vigor2765va Firmware
Draytek Vigor2763 Firmware
Draytek Vigor2763ac Firmware
Draytek Vigor2762 Firmware
Draytek Vigor2762n Firmware
8.8
CVSSv3
CVE-2023-1162
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5. Affected is an unknown function of the file mainfunction.cgi of the component Web Management Interface. The manipulation of the argument password le...
Draytek Vigor 2960 Firmware 1.5.1.4
6.5
CVSSv3
CVE-2023-1163
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5 and classified as critical. Affected by this vulnerability is the function getSyslogFile of the file mainfunction.cgi of the component Web Management Interface. The manipulation o...
Draytek Vigor 2960 Firmware 1.5.1.4
5.5
CVSSv3
CVE-2023-1009
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5. Affected is the function sub_1DF14 of the file /cgi-bin/mainfunction.cgi of the component Web Management Interface. The manipulation of the argument option...
Draytek Vigor2960 Firmware 1.5.1.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »