A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices prior to 1.5.1.1 allows remote malicious users to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
draytek vigor300b_firmware |
||
draytek vigor2960_firmware |
||
draytek vigor3900_firmware |