CVE-2020-15415 | DrayTek Vigor3900/Vigor2960/Vigor300B up to 1.5.0 cvmcfgupload Shell Metacharacter os command injection

10月 1, 2024
1:57 am

A vulnerability, which was classified as critical, was found in DrayTek Vigor3900, Vigor2960 and Vigor300B up to 1.5.0. This affects an unknown part of the file cgi-bin/mainfunction.cgi/cvmcfgupload. The manipulation as part of Shell Metacharacter leads to os command injection.

This vulnerability is uniquely identified as CVE-2020-15415. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2020-15415 | DrayTek Vigor3900/Vigor2960/Vigor300B up to 1.5.0 cvmcfgupload Shell Metacharacter os command injection

Elvescore.io

Recent Posts

CVE-2024-12884 – Codezips E-Commerce Website SQL Injection

CVE-2024-51463 – IBM i SSRF

CVE-2024-51464 – IBM Navigator for i Access Bypass Vulnerability

CVE-2024-12883 – Code-projects Job Recruitment Cross Site Scripting

CVE-2024-12875 – Easy Digital Downloads WordPress Directory Traversal Vulnerability

CVE-2024-10453 – Elementor Website Builder Stored Cross-Site Scripting Vulnerability

CVE-2020-15415 | DrayTek Vigor3900/Vigor2960/Vigor300B up to 1.5.0 cvmcfgupload Shell Metacharacter os command injection

CVE-2020-15415 | DrayTek Vigor3900/Vigor2960/Vigor300B up to 1.5.0 cvmcfgupload Shell Metacharacter os command injection