From 1b760ce90baf67944c00ecf49fe194a5f6cf0c16 Mon Sep 17 00:00:00 2001
From: tardc <itardc@163.com>
Date: Mon, 8 Jun 2020 16:22:05 +0800
Subject: [PATCH] Add CVE-2020-8515

---
 DrayTek/CVE-2020-8515/README.md | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 DrayTek/CVE-2020-8515/README.md

diff --git a/DrayTek/CVE-2020-8515/README.md b/DrayTek/CVE-2020-8515/README.md
new file mode 100644
index 0000000..608c3d9
--- /dev/null
+++ b/DrayTek/CVE-2020-8515/README.md
@@ -0,0 +1,10 @@
+# CVE-2020-8515 DrayTek pre-auth remote root RCE
+
+DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.
+
+**Affected version**: Vigor 2960 1.3.1_Beta, Vigor 3900 1.4.4_Beta, and Vigor 300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta
+
+**[FOFA](https://fofa.so/result?qbase64=dGl0bGU9IlZpZ29yIDI5NjAiIHx8IHRpdGxlPSJWaWdvciAzOTAwIiB8fCB0%0AaXRsZT0iVmlnb3IgMzAwQiI%3D) query rule**: title="Vigor 2960" || title="Vigor 3900" || title="Vigor 300B"
+
+# Demo
+