/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices prior to 1.5.1 allows remote malicious users to achieve command injection via a remote HTTP request in DEBUG mode.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
draytek vigor300b_firmware |
||
draytek vigor3900_firmware |
||
draytek vigor2960_firmware |