Post-Authentication Command Injection Vulnerability in DrayTek Vigor3900 Router
CVE-2024-45885
Currently unrated
Summary
The DrayTek Vigor3900 router, specifically version 1.5.1.3, has a vulnerability that allows for command injection post-authentication. This occurs when the action parameter in the cgi-bin/mainfunction.cgi script is manipulated to trigger the autodiscovery_clear function. Exploiting this vulnerability could allow an attacker to execute arbitrary commands on the affected device, potentially compromising its integrity and security. Users are advised to review the specific configurations and apply necessary security patches.
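For defenders who log or proxy management traffic to the device, the following added example (not part of the advisory and not DrayTek code) flags requests that reach the handler named above. It assumes request records are available as (method, URL, form-encoded body) tuples; the host name, the parameter name "item" and the metacharacter list are illustrative assumptions.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Endpoint and action value as named in the advisory.
TARGET_PATH = "/cgi-bin/mainfunction.cgi"
TARGET_ACTION = "autodiscovery_clear"
# Characters a shell treats specially (assumption: legitimate values never need them).
SHELL_META = re.compile(r"[;&|`$(){}<>\n\r\\'\"]")


def inspect_request(method, url, body=""):
    """Return a finding for a request that invokes the affected action, else None."""
    parts = urlsplit(url)
    if not parts.path.endswith(TARGET_PATH):
        return None
    # Parameters may arrive in the query string or in a form-encoded body.
    params = parse_qsl(parts.query, keep_blank_values=True)
    params += parse_qsl(body, keep_blank_values=True)
    if TARGET_ACTION not in [v for k, v in params if k == "action"]:
        return None
    # Any other parameter carrying shell metacharacters raises the severity.
    suspicious = sorted({k for k, v in params
                         if k != "action" and SHELL_META.search(v)})
    return {
        "method": method,
        "action": TARGET_ACTION,
        "suspicious_params": suspicious,
        "severity": "high" if suspicious else "review",
    }


def scan(records):
    """Inspect every record and keep only those that produced a finding."""
    return [f for f in (inspect_request(*r) for r in records) if f]


# Constructed sample records; "item" is a hypothetical parameter name.
URL = "https://router.example/cgi-bin/mainfunction.cgi"
SAMPLES = [
    ("POST", URL, "action=login&user=admin"),
    ("POST", URL, "action=autodiscovery_clear&item=42"),
    ("POST", URL, "action=autodiscovery_clear&item=42%3Becho+test"),
]

if __name__ == "__main__":
    for finding in scan(SAMPLES):
        print(finding)
```

Because the issue is post-authentication, a "review" finding from an unexpected source address or outside a maintenance window is also worth correlating with the device's login records.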
References
Timeline
Vulnerability published