An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3. This allows an authenticated user to arbitrarily delete files in any location on the target operating system with root privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
draytek vigorconnect 1.6.0 |