DrayTek Vigor2960 mainfunction.cgi dumpSyslog 'option' directory traversal
CVE-2023-6265

8.1HIGH

Key Information:

Vendor

DrayTek
Status
Vigor2960
Vendor
CVE Published:
22 November 2023

What is CVE-2023-6265?

The Draytek Vigor2960 routers, specifically versions v1.5.1.4 and v1.5.1.5, are susceptible to a directory traversal vulnerability through the mainfunction.cgi dumpSyslog 'option' parameter. This allows an authenticated user with access to the web management interface to exploit this flaw and delete arbitrary files on the system. It is important to note that the Vigor2960 has reached its end of life, meaning it is no longer supported or receiving security updates, which increases the risk of exploitation.

Affected Version(s)

Vigor2960 1.5.1.4

Vigor2960 1.5.1.5

References

https://github.com/xxy1126/Vuln/blob/main/Draytek/4.md
exploit
https://www.draytek.com/products/vigor2960/
product
https://www.draytek.com/about/newsroom/2021/2021/end-of-l...
product

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.