Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2020-8515

Published: 01/02/2020 Updated: 07/11/2023
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 891
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Vigor2960 Firmware

Vulnerability Summary

DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

draytek vigor2960_firmware 1.3.1

draytek vigor300b_firmware 1.3.3

draytek vigor300b_firmware 1.4.2.1

draytek vigor300b_firmware 1.4.4

draytek vigor3900_firmware 1.4.4

Exploits

Exploit DB: DrayTek Vigor2960 / Vigor3900 / Vigor300B Remote Command Execution
DrayTek Vigor2960 version 131_Beta, Vigor3900 version 144_Beta, and Vigor300B versions 133_Beta, 1421_Beta, and 144_Beta suffer from a remote command execution vulnerability ...

Github Repositories

https://github.com/darrenmartyn/CVE-2020-8515

Draytek CVE-2020-8515 PoC

CVE-2020-8515 Draytek CVE-2020-8515 PoC I had kicking about Amusingly, the command injected gets executed twice, see here: $ /draytekpy drayteklocal (>) executing command: cat /etc/passwd (+) vulnerable! (>) executing command: uname -a Linux Vigor3900 26335 #1 Wed Mar 28 00:49:28 CST 2018 armv6l unknown Linux Vigor3900 26335 #1 Wed Mar 28 00:49:28 CST 20

https://github.com/imjdl/CVE-2020-8515-PoC

CVE-2020-8515-PoC

CVE-2020-8515-PoC CVE-2020-8515-PoC

https://github.com/truerandom/nmap_draytek_rce

nmap script to detect CVE-2020-8515 on Draytek Devices

nmap_draytek_rce nmap script to detect CVE-2020-8515 on Draytek Devices

References

CWE-78https://sku11army.blogspot.com/2020/01/draytek-unauthenticated-rce-in-draytek.htmlhttp://packetstormsecurity.com/files/156979/DrayTek-Vigor2960-Vigor3900-Vigor300B-Remote-Command-Execution.htmlhttps://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-router-web-management-page-vulnerability-%28cve-2020-8515%29/https://nvd.nist.govhttps://github.com/darrenmartyn/CVE-2020-8515https://packetstormsecurity.com/files/156979/DrayTek-Vigor2960-Vigor3900-Vigor300B-Remote-Command-Execution.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook