Critical severity9.8NVD Advisory· Published Oct 30, 2024· Updated Jun 17, 2026
CVE-2024-51298
CVE-2024-51298
Description
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doGRETunnel function.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.