CVE-2024-45884

CVSS v3.1

8.0

High

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions DrayTek Vigor3900 version 1.5.1.3

Description The issue is a post-authentication command injection problem. It occurs when the action parameter in the "cgi-bin/mainfunction.cgi" endpoint is set to setSWMGroup. This allows for potential command injection after a user has authenticated.

Recommendations For DrayTek Vigor3900 version 1.5.1.3, consider disabling the setSWMGroup action in the "cgi-bin/mainfunction.cgi" endpoint as a temporary workaround until a patch is available. Restrict access to the cgi-bin/mainfunction.cgi endpoint to minimize the risk of exploitation. Avoid using the action parameter in the affected endpoint until the issue is resolved.

Exploit

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2024-45884

Affected Products

Draytek Vigor3900

CVE-2024-45884

Weakness Enumeration

Related Identifiers

Affected Products

References · 7