mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
868 B
868 B
CVE-2023-24229
Description
** UNSUPPORTED WHEN ASSIGNED ** DrayTek Vigor2960 v1.5.1.4 allows an authenticated attacker with network access to the web management interface to inject operating system commands via the mainfunction.cgi 'parameter' parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
POC
Reference
- https://github.com/sadwwcxz/Vul
- https://web.archive.org/web/20230315181013/https://github.com/sadwwcxz/Vul