Buffer Overflow Vulnerabilities in DrayTek Vigor310 Devices
CVE-2024-41596

8HIGH

Key Information:

Vendor: DrayTek
Status: Vigor2620 Firmware
Vendor: CVE Published:; 3 October 2024

What is CVE-2024-41596?

A buffer overflow vulnerability affects the DrayTek Vigor310 management UI, specifically through improper handling of CGI form parameters. This flaw can potentially lead to unauthorized access or system instability, posing security risks to users. It is crucial for administrators to apply recommended updates to ensure the integrity of their devices.

References

https://www.forescout.com/resources/draytek14-vulnerabili...

https://www.forescout.com/resources/draybreak-draytek-res...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 3, 2024

CVE-2024-41596 Data

JSON