Risk | Critical |
Patch available | YES |
Number of vulnerabilities | 14 |
CVE-ID | CVE-2024-41589 CVE-2024-41594 CVE-2024-41595 CVE-2024-41586 CVE-2024-41590 CVE-2024-41588 CVE-2024-41596 CVE-2024-41583 CVE-2024-41593 CVE-2024-41585 CVE-2024-41592 CVE-2024-41584 CVE-2024-41591 CVE-2024-41587 |
CWE-ID | CWE-255 CWE-338 CWE-119 CWE-79 CWE-78 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
Vigor 1000B Hardware solutions / Routers for home users Vigor 2962 Hardware solutions / Routers for home users Vigor 3910 Hardware solutions / Routers for home users Vigor 3912 Hardware solutions / Routers for home users Vigor 165 Hardware solutions / Routers for home users Vigor 166 Hardware solutions / Routers for home users Vigor 2135 Hardware solutions / Routers for home users Vigor 2763 Hardware solutions / Routers for home users Vigor 2765 Hardware solutions / Routers for home users Vigor 2766 Hardware solutions / Routers for home users Vigor 2865 Hardware solutions / Routers for home users Vigor 2866 Hardware solutions / Routers for home users Vigor 2915 Hardware solutions / Routers for home users Vigor 2620 Hardware solutions / Routers for home users Vigor LTE200 Hardware solutions / Routers for home users Vigor 2133 Hardware solutions / Routers & switches, VoIP, GSM, etc Vigor 2762 Hardware solutions / Routers & switches, VoIP, GSM, etc Vigor 2860 Hardware solutions / Routers & switches, VoIP, GSM, etc Vigor 2925 Hardware solutions / Routers & switches, VoIP, GSM, etc Vigor 2862 Hardware solutions / Routers & switches, VoIP, GSM, etc Vigor 2926 Hardware solutions / Routers & switches, VoIP, GSM, etc Vigor 2952 Hardware solutions / Routers & switches, VoIP, GSM, etc Vigor 3220 Hardware solutions / Routers & switches, VoIP, GSM, etc Vigor 2832 Hardware solutions / Security hardware applicances |
Vendor | DrayTek Corp. |
Security Bulletin
This security bulletin contains information about 14 vulnerabilities.
EUVDB-ID: #VU97985
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41589
CWE-ID:
CWE-255 - Credentials Management
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to the same admin credentials are used across the entire system (including both guest and host operating systems). Obtaining these credentials can lead to full system compromise.
Install updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97983
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41594
CWE-ID:
CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to software uses a static string to seed the PRNG in OpenSSL for TLS. A remote attacker can perform MitM attack.
Install updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97982
Risk: Low
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41595
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the WebUI. A remote privileged user can send a specially crafted HTTP request to the web interface, trigger memory corruption and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97981
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41586
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the WebUI in /cgi-bin/ipfedr.cgi script. A remote privileged user can send a specially crafted HTTP request to the web interface, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97977
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41590
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the WebUI. A remote privileged user can send a specially crafted HTTP request to the web interface, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97976
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41588
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the WebUI when handling data passed to the "/cgi-bin/v2x00.cgi" and "/cgi-bin/cgiwcg.cgi" scripts. A remote privileged user can send a specially crafted HTTP request to the web interface, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97980
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41596
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the WebUI. A remote privileged user can send a specially crafted HTTP request to the web interface, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97966
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41583
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when handling a custom router name. A remote user can execute arbitrary HTML and script code in user's browser in context of vulnerable website.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97978
Risk: Low
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41593
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the ft_payloads_dns() function within the WebUI. A remote privileged user can send a specially crafted HTTP request to the web interface, trigger memory corruption and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97986
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41585
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a malicious guest to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation within the recvCmd binary, used by the host OS for communicating with the guest OS. A malicious guest can pass specially crafted data to the binary and execute arbitrary OS commands on the host OS.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97975
Risk: Critical
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41592
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in GetCGI() function within the WebUI when handling HTTP query parameters. A remote attacker can send a specially crafted HTTP request to the web interface, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97969
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41584
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data passed via the "sFormAuthSr" parameter to wlogin.cgi. A remote attacker can trick the victim into clicking on a specially crafted line and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97968
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41591
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data passed via the "content" query string parameter to doc/hslogp1_link.htm. A remote attacker can trick the victim into clicking on a specially crafted line and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97967
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41587
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when handling a custom greeting message. A remote user can execute arbitrary HTML and script code in user's browser in context of vulnerable website.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVigor 1000B: before 4.3.2.8
Vigor 2962: before 4.3.2.8
Vigor 3910: before 4.3.2.8
Vigor 3912: before 4.3.6.1
Vigor 165: before 4.2.7
Vigor 166: before 4.2.7
Vigor 2135: before 4.4.5.1
Vigor 2763: before 4.4.5.1
Vigor 2765: before 4.4.5.1
Vigor 2766: before 4.4.5.1
Vigor 2865: before 4.4.5.3
Vigor 2866: before 4.4.5.3
Vigor 2915: before 4.4.5.3
Vigor 2620: before 3.9.8.9
Vigor LTE200: before 3.9.8.9
Vigor 2133: before 3.9.9
Vigor 2762: before 3.9.9
Vigor 2832: before 3.9.9
Vigor 2860: before 3.9.8
Vigor 2925: before 3.9.8
Vigor 2862: before 3.9.9.5
Vigor 2926: before 3.9.9.5
Vigor 2952: before 3.9.8.2
Vigor 3220: before 3.9.8.2
CPE2.3http://www.forescout.com/resources/draybreak-draytek-research/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.