PT-2021-8207 · Draytek · Draytek Vigorconnect

Published: 2021-10-12 · Updated: 2021-10-19 · CVE-2021-20127

CVSS v2.0: 8.5 (High)
Vector: AV:N/AC:L/Au:S/C:N/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Draytek VigorConnect version 1.6.0-B3
Description: The vulnerability stems from missing access control in VigorConnect, the software for monitoring, managing, and configuring VigorAP access points and VigorSwitch switches on the local network. An arbitrary file deletion vulnerability exists in the file delete functionality of the "Html5Servlet" endpoint. It allows an authenticated user to delete files at any location on the target operating system with root privileges.
Recommendations: For Draytek VigorConnect version 1.6.0-B3, consider disabling the file delete functionality of the Html5Servlet endpoint until a patch is available, to prevent arbitrary file deletion with root privileges. Restrict access to the Html5Servlet endpoint to minimize the risk of exploitation.

Weakness Enumeration

Improper Access Control

Related Identifiers

BDU:2024-11434
CVE-2021-20127

Affected Products

Draytek Vigorconnect