VYPR
High severity8.0NVD Advisory· Published Oct 3, 2024· Updated Jun 17, 2026

CVE-2024-41588

CVE-2024-41588

Description

The CGI endpoints v2x00.cgi and cgiwcg.cgi of DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strncpy function.

Affected products

2
  • Draytek/Vigor3910cpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=4.3.2.6

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.