Security Advisory

CVE-2024-48074

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-28 00:00:00

Last updated 2024-11-08 21:08:35

Assigner mitre

State PUBLISHED

Description

An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function.

← Browse all CVEs View on cve.org ↗