CVE-2023-31447

Name of the Vulnerable Software and Affected Versions DrayTek Vigor2620 versions prior to 3.9.8.4 DrayTek Vigor2925 versions prior to 3.9.8.4

Description The issue is related to the user login.cgi script in the web interface of DrayTek Vigor router firmware, which is associated with incorrect code generation management. This can be exploited by a remote attacker to execute arbitrary code by sending a crafted payload to modify the code segment content and insert shellcode.

Recommendations For DrayTek Vigor2620 versions prior to 3.9.8.4, update to version 3.9.8.4 or later to resolve the issue. For DrayTek Vigor2925 devices, since all versions are affected and no specific fixed version is mentioned, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the user login.cgi script to minimize the risk of exploitation.