CVE-2024-46316
09.10.2024, 16:15
DrayTek Vigor3900 v1.5.1.6 was discovered to contain a command injection vulnerability via the sub_2C920 function at /cgi-bin/mainfunction.cgi. This vulnerability allows attackers to execute arbitrary commands via supplying a crafted HTTP message.
| Vendor | Product | Version |
|---|---|---|
| draytek | vigor3900_firmware | 1.5.1.6 |
𝑥
= Vulnerable software versions