user_login.cgi on Draytek Vigor2620 devices prior to 3.9.8.4 (and on all versions of Vigor2925 devices) allows malicious users to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
draytek vigor2620_firmware |
||
draytek vigor2625_firmware |