ГлавнаяУязвимости → CVE-2024-41596
8высокая

CVE-2024-41596

Описание

Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor management UI) because of improper retrieval and handling of the CGI form parameters.

Затрагиваемое ПО
Draytek Vigor2620 firmwareDraytek Vigor2620Draytek Vigor2915 firmwareDraytek Vigor2915Draytek Vigor2866 firmwareDraytek Vigor2866Draytek Vigor2766 firmwareDraytek Vigor2766Draytek Vigor2865 firmwareDraytek Vigor2865Draytek Vigor2765 firmwareDraytek Vigor2765Draytek Vigor2763 firmwareDraytek Vigor2763Draytek Vigor2135 firmwareDraytek Vigor2135Draytek Vigor166 firmwareDraytek Vigor166Draytek Vigor3912 firmwareDraytek Vigor3912Draytek Vigor1000b firmwareDraytek Vigor1000bDraytek Vigor165 firmwareDraytek Vigor165Draytek Vigor3910 firmware
CVSS
Балл8 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.forescout.com/resources/draybreak-draytek-research/https://www.forescout.com/resources/draytek14-vulnerabilities