Skip to main content

Vigor300b Firmware

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-3040 LOW POC Monitor

Command injection in DrayTek Vigor 300B firmware up to version 1.5.1.6 allows authenticated remote attackers to execute arbitrary OS commands via the File parameter in the web management interface. Public exploit code exists for this vulnerability, though the vendor has confirmed the product is end-of-life and no patch will be released. This affects only unsupported installations with administrative access.

Command Injection Vigor300b Firmware
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.3%
CVE-2026-3040
EPSS 0% CVSS 2.0
LOW POC Monitor

Command injection in DrayTek Vigor 300B firmware up to version 1.5.1.6 allows authenticated remote attackers to execute arbitrary OS commands via the File parameter in the web management interface. Public exploit code exists for this vulnerability, though the vendor has confirmed the product is end-of-life and no patch will be released. This affects only unsupported installations with administrative access.

Command Injection Vigor300b Firmware
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy