PT-2021-8205 · Draytek · Draytek Vigor300B+2
C0Ss4Ck
·
Published
2021-07-21
·
Updated
2024-12-10
·
CVE-2021-43118
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
DrayTek Vigor 2960 version 1.5.1.3
DrayTek Vigor 3900 version 1.5.1.3
DrayTek Vigor 300B version 1.5.1.3
Description
A Remote Command Injection issue exists in the mainfunction.cgi script of the DrayTek Vigor web interface due to inadequate data sanitization at the management level. This could allow a remote attacker to execute arbitrary code by sending a crafted HTTP message with a malformed QUERY STRING to the mainfunction.cgi endpoint.
Recommendations
For DrayTek Vigor 2960 version 1.5.1.3, consider disabling the mainfunction.cgi script until a patch is available.
For DrayTek Vigor 3900 version 1.5.1.3, restrict access to the mainfunction.cgi endpoint to minimize the risk of exploitation.
For DrayTek Vigor 300B version 1.5.1.3, avoid using the QUERY STRING parameter in the mainfunction.cgi endpoint until the issue is resolved.
Exploit
Fix
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Draytek Vigor2960
Draytek Vigor300B
Draytek Vigor3900