Post-Authentication Command Injection in DrayTek Vigor3900 Appliance
CVE-2024-45887

8HIGH

Key Information:

Vendor: DrayTek
Status: Vigor3900
Vendor: CVE Published:; 4 November 2024

What is CVE-2024-45887?

The DrayTek Vigor3900 version 1.5.1.3 is affected by a post-authentication command injection vulnerability. This security flaw arises when the 'action' parameter within the 'cgi-bin/mainfunction.cgi' script is configured to execute 'doOpenVPN'. Exploitation of this vulnerability could allow an unauthorized user to inject arbitrary commands, potentially compromising the device's integrity and functionality. It is recommended that users apply any available patches and implement security best practices to mitigate potential risks.

References

https://github.com/N1nEmAn/wp/blob/main/test_v.zip

https://github.com/fu37kola/cve/blob/main/DrayTek/Vigor39...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 4, 2024

CVE-2024-45887 Data

JSON