Buffer overflow in DrayTek Corp. products - CVE-2022-32548
Published: August 5, 2022
Vulnerability identifier: #VU66126
CSH Severity: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2022-32548
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Vigor 3910
Vigor 1000B
Vigor 2962
Vigor 2927
Vigor 2915
Vigor 2952P
Vigor 2620
Vigor 200n
Vigor 167
Vigor 165
Vigor 166
Vigor 2135
Vigor 2765
Vigor 2766
Vigor 2865
Vigor 2866
Vigor 2952
Vigor 3220
Vigor 2926
Vigor 2862
Vigor 2133
Vigor 2762
Vigor 130
VigorNIC 132
Vigor 2832
Vigor 3910
Vigor 1000B
Vigor 2962
Vigor 2927
Vigor 2915
Vigor 2952P
Vigor 2620
Vigor 200n
Vigor 167
Vigor 165
Vigor 166
Vigor 2135
Vigor 2765
Vigor 2766
Vigor 2865
Vigor 2866
Vigor 2952
Vigor 3220
Vigor 2926
Vigor 2862
Vigor 2133
Vigor 2762
Vigor 130
VigorNIC 132
Vigor 2832
Software vendor:
DrayTek Corp.
DrayTek Corp.
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target device.
The vulnerability exists due to a boundary error in the login page at "/cgi-bin/wlogin.cgi" script within the web management interface. A remote attacker can send a specially crafted base64-encoded payload via HTTP POST request to the affected script, trigger memory corruption and execute arbitrary code on the device.
Remediation
Install updates from vendor's website. As a temporary solution disable access to the web management interface.