Skip to main content

Vigor 2960

1 CVEs product

Monthly

CVE-2022-50994 CRITICAL PATCH Monitor

DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection vulnerability in the CGI login handler that allows unauthenticated remote attackers to execute arbitrary commands. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required.

Command Injection RCE Vigor 2960
NVD
CVSS 4.0
9.2
EPSS
0.1%
EPSS 0% CVSS 9.2
CRITICAL PATCH Monitor

DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection vulnerability in the CGI login handler that allows unauthenticated remote attackers to execute arbitrary commands. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required.

Command Injection RCE Vigor 2960
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy