DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-02-01T12:36:59
Updated: 2020-03-31T16:06:04
Reserved: 2020-02-01T00:00:00
Link: CVE-2020-8515
JSON object: View
NVD Information
Status : Modified
Published: 2020-02-01T13:15:12.623
Modified: 2023-11-07T03:26:36.773
Link: CVE-2020-8515
JSON object: View
Redhat Information
No data.
CWE