Command Injection Vulnerability in Draytek Vigor3900 Router

CVE-2024-51253

What is CVE-2024-51253?

A command injection vulnerability exists in the Draytek Vigor3900 router version 1.5.1.3, where attackers can exploit the mainfunction.cgi script. By targeting the doL2TP function, they can inject and execute arbitrary commands, compromising the integrity and security of the device. This vulnerability emphasizes the need for robust security measures and timely updates to safeguard against such attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References