VYPR
High severity8.0NVD Advisory· Published Oct 9, 2024· Updated Jun 17, 2026

CVE-2024-46316

CVE-2024-46316

Description

DrayTek Vigor3900 v1.5.1.6 was discovered to contain a command injection vulnerability via the sub_2C920 function at /cgi-bin/mainfunction.cgi. This vulnerability allows attackers to execute arbitrary commands via supplying a crafted HTTP message.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Draytek/Vigor3900cpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = 1.5.1.6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.