CVE-2022-32548 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	10 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
mitre	CNA	10 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 98%

Vendor	Product	Version
draytek	vigor3910_firmware	𝑥 < 4.3.1.1
draytek	vigor1000b_firmware	𝑥 < 4.3.1.1
draytek	vigor2962_firmware	𝑥 < 4.3.1.1
draytek	vigor2962p_firmware	𝑥 < 4.3.1.1
draytek	vigor2927_firmware	𝑥 < 4.4.0
draytek	vigor2927ax_firmware	𝑥 < 4.4.0
draytek	vigor2927ac_firmware	𝑥 < 4.4.0
draytek	vigor2927vac_firmware	𝑥 < 4.4.0
draytek	vigor2927l_firmware	𝑥 < 4.4.0
draytek	vigor2927lac_firmware	𝑥 < 4.4.0
draytek	vigor2915_firmware	𝑥 < 4.3.3.2
draytek	vigor2915ac_firmware	𝑥 < 4.3.3.2
draytek	vigor2952_firmware	𝑥 < 3.9.7.2
draytek	vigor2952p_firmware	𝑥 < 3.9.7.2
draytek	vigor3220_firmware	𝑥 < 3.9.7.2
draytek	vigor2926_firmware	𝑥 < 3.9.8.1
draytek	vigor2926n_firmware	𝑥 < 3.9.8.1
draytek	vigor2926ac_firmware	𝑥 < 3.9.8.1
draytek	vigor2926vac_firmware	𝑥 < 3.9.8.1
draytek	vigor2926l_firmware	𝑥 < 3.9.8.1
draytek	vigor2926ln_firmware	𝑥 < 3.9.8.1
draytek	vigor2926lac_firmware	𝑥 < 3.9.8.1
draytek	vigor2862_firmware	𝑥 < 3.9.8.1
draytek	vigor2862n_firmware	𝑥 < 3.9.8.1
draytek	vigor2862ac_firmware	𝑥 < 3.9.8.1
draytek	vigor2862vac_firmware	𝑥 < 3.9.8.1
draytek	vigor2862b_firmware	𝑥 < 3.9.8.1
draytek	vigor2862bn_firmware	𝑥 < 3.9.8.1
draytek	vigor2862l_firmware	𝑥 < 3.9.8.1
draytek	vigor2862ln_firmware	𝑥 < 3.9.8.1
draytek	vigor2862lac_firmware	𝑥 < 3.9.8.1
draytek	vigor2620l_firmware	𝑥 < 3.9.8.1
draytek	vigor2620ln_firmware	𝑥 < 3.9.8.1
draytek	vigorlte_200n_firmware	𝑥 < 3.9.8.1
draytek	vigor2133_firmware	𝑥 < 3.9.6.4
draytek	vigor2133n_firmware	𝑥 < 3.9.6.4
draytek	vigor2133ac_firmware	𝑥 < 3.9.6.4
draytek	vigor2133vac_firmware	𝑥 < 3.9.6.4
draytek	vigor2133fvac_firmware	𝑥 < 3.9.6.4
draytek	vigor2762_firmware	𝑥 < 3.9.6.4
draytek	vigor2762n_firmware	𝑥 < 3.9.6.4
draytek	vigor2762ac_firmware	𝑥 < 3.9.6.4
draytek	vigor2762vac_firmware	𝑥 < 3.9.6.4
draytek	vigor165_firmware	𝑥 < 4.2.4
draytek	vigor166_firmware	𝑥 < 4.2.4
draytek	vigor2135_firmware	𝑥 < 4.4.2
draytek	vigor2135ac_firmware	𝑥 < 4.4.2
draytek	vigor2135vac_firmware	𝑥 < 4.4.2
draytek	vigor2135fvac_firmware	𝑥 < 4.4.2
draytek	vigor2765_firmware	𝑥 < 4.4.2
draytek	vigor2765ac_firmware	𝑥 < 4.4.2
draytek	vigor2765vac_firmware	𝑥 < 4.4.2
draytek	vigor2766_firmware	𝑥 < 4.4.2
draytek	vigor2766ac_firmware	𝑥 < 4.4.2
draytek	vigor2766vac_firmware	𝑥 < 4.4.2
draytek	vigor2832_firmware	𝑥 < 3.9.6
draytek	vigor2865_firmware	𝑥 < 4.4.0
draytek	vigor2865ax_firmware	𝑥 < 4.4.0
draytek	vigor2865ac_firmware	𝑥 < 4.4.0
draytek	vigor2865vac_firmware	𝑥 < 4.4.0
draytek	vigor2865l_firmware	𝑥 < 4.4.0
draytek	vigor2865lac_firmware	𝑥 < 4.4.0
draytek	vigor2866_firmware	𝑥 < 4.4.0
draytek	vigor2866ax_firmware	𝑥 < 4.4.0
draytek	vigor2866ac_firmware	𝑥 < 4.4.0
draytek	vigor2866vac_firmware	𝑥 < 4.4.0
draytek	vigor2866l_firmware	𝑥 < 4.4.0
draytek	vigor2866lac_firmware	𝑥 < 4.4.0

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References

https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers

https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html

https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers

https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html