CVE-2024-41585

Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3910 devices through 4.3.2.6

Description: The issue is an OS command injection vulnerability that allows an attacker to leverage the recvCmd binary to escape from the emulated instance and inject arbitrary commands into the host machine. This is due to the lack of measures to neutralize special elements used in the operating system command. Exploitation of the vulnerability may allow a remote attacker to execute arbitrary commands using specially crafted data.

Recommendations: For DrayTek Vigor3910 devices through 4.3.2.6, consider disabling the recvCmd binary as a temporary workaround until a patch is available. Restrict access to the vulnerable binary to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.