An OS Command Injection in the CLI interface on DrayTek Vigor167 version 5.2.2, allows remote malicious users to execute arbitrary system commands and escalate privileges via any account created within the web interface.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
draytek vigor167_firmware 5.2.2 |