Vigor300b Firmware

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-3040 MEDIUM POC This Month

Command injection in DrayTek Vigor 300B firmware up to version 1.5.1.6 allows authenticated remote attackers to execute arbitrary OS commands via the File parameter in the web management interface. Public exploit code exists for this vulnerability, though the vendor has confirmed the product is end-of-life and no patch will be released. This affects only unsupported installations with administrative access.

Command Injection Vigor300b Firmware

NVD GitHub VulDB

CVSS 3.1

4.7

EPSS

0.3%

CVE-2026-3040

EPSS 0% CVSS 4.7

MEDIUM POC This Month

Command injection in DrayTek Vigor 300B firmware up to version 1.5.1.6 allows authenticated remote attackers to execute arbitrary OS commands via the File parameter in the web management interface. Public exploit code exists for this vulnerability, though the vendor has confirmed the product is end-of-life and no patch will be released. This affects only unsupported installations with administrative access.

Command Injection Vigor300b Firmware

NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy