Unrated severityNVD Advisory· Published Oct 3, 2024· Updated Oct 3, 2024

CVE-2024-41590

Description

Several CGI endpoints are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strcpy function on DrayTek Vigor310 devices through 4.3.2.6.

Affected products

Draytek/Vigor3910cpe-rescue2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=4.3.2.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.forescout.com/resources/draybreak-draytek-research/mitre
www.forescout.com/resources/draytek14-vulnerabilitiesmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000