VYPR
Unrated severityNVD Advisory· Published Mar 15, 2023· Updated Aug 2, 2024

CVE-2023-24229

CVE-2023-24229

Description

DrayTek Vigor2960 v1.5.1.4 allows an authenticated attacker with network access to the web management interface to inject operating system commands via the mainfunction.cgi 'parameter' parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Draytek/Vigor2962cpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = 1.5.1.4

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.