CVE-2024-48074

Published: Oct 28, 2024

Modified: Nov 8, 2024

PUBLISHED

Description

An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/Giles-one/Vigor2960Crack

https://gist.github.com/Giles-one/6425e97dcd1ec97a722a1e20da25fad7

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-48074

Description

Affected Products

References