admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 18:52:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-6265.md

19 lines
911 B
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2023-6265](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6265)
![](https://img.shields.io/static/v1?label=Product&message=Vigor2960&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%201.5.1.4%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Path%20Traversal&color=brighgreen)
### Description
** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** Draytek Vigor2960 v1.5.1.4 and v1.5.1.5 are vulnerable to directory traversal via the mainfunction.cgi dumpSyslog 'option' parameter allowing an authenticated attacker with access to the web management interface to delete arbitrary files. Vigor2960 is no longer supported.
### POC
#### Reference
- https://github.com/xxy1126/Vuln/blob/main/Draytek/4.md
Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00
- https://github.com/xxy1126/Vuln/blob/main/Draytek/4.md
Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
#### Github
No PoCs found on GitHub currently.
Reference in New Issue Copy Permalink