Intrusion PreventionDrayTek.Devices.mainfunction.cgi.Command.Injection
Description
This indicates an attack attempt to exploit a Command Injection vulnerability in DrayTek Vigor devices.
The vulnerability is due to insufficient sanitizing of user supplied inputs. A remote attacker may be able to exploit this to execute arbitrary commands within the context of the application, via a crafted HTTP request.
Affected Products
Vigor2960 before v1.5.1
Vigor300B before v1.5.1
Vigor3900 before v1.5.1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-router-web-management-page-vulnerability-(cve-2020-8515)/
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2025-02-27 | 31.962 |
Modified
|
Sig Added |
| 2025-02-19 | 30.957 |
Modified
|
Name:DrayTek. Devices. mainfunction. keypath. Command. Injection:DrayTek. Devices. mainfunction. cgi. Command. Injection |
| 2024-07-23 | 28.831 |
Modified
|
Name:DrayTek. Routers. mainfunction. keypath. Command. Injection:DrayTek. Devices. mainfunction. keypath. Command. Injection |
| 2024-05-28 | 27.794 |
Modified
|
Name:DrayTek. Vigor. Router. Web. Management. Page. Command. Injection:DrayTek. Routers. mainfunction. keypath. Command. Injection |
| 2020-05-04 | 15.832 |
Modified
|
Default_action:pass:drop |
| 2020-04-15 | 15.818 |
New
|
| ID | 48908 |
| Created | Apr 15, 2020 |
| Updated | Mar 03, 2025 |
| CVE ID | |
| Risk |
|
| Known Exploited | Yes |
| Exploit Prediction Score | 94.36% |
| Default Action | drop |
| Active | |
| Affected OS | Other |
| Affected App | Other |
| Profile Type | OS Command Injection |