admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-415xx/CVE-2024-41593.json
cad-safe-bot cd79773986 Auto-Update: 2025-03-13T21:00:20.942892+00:00
2025-03-13 21:03:49 +00:00

786 lines
21 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-41593",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-03T19:15:04.740",
"lastModified": "2025-03-13T19:15:47.260",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow."
},
{
"lang": "es",
"value": "Los dispositivos DrayTek Vigor310 hasta 4.3.2.6 permiten a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n ft_payload_dns(), porque se produce una operaci\u00f3n de extensi\u00f3n de signo de byte para el argumento de longitud de una llamada _memcpy, lo que lleva a un desbordamiento de b\u00fafer basado en el mont\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.6.1",
"matchCriteriaId": "84670562-F228-40A0-A38D-144EA62556D3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*",
"matchCriteriaId": "282E5318-DAA8-4AA2-8E7D-4B8BD9162153"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.2.8",
"matchCriteriaId": "0549C870-BE10-441A-B07D-0701915E5A9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0.0",
"versionEndExcluding": "4.4.3.1",
"matchCriteriaId": "0D1A9825-E419-4740-996A-5928D207FCB6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0C9A21-7CFE-452F-8505-834AB8579D9B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.2.8",
"matchCriteriaId": "B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0.0",
"versionEndExcluding": "4.4.3.1",
"matchCriteriaId": "2602941C-255F-4289-9043-D396CC4B3192"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*",
"matchCriteriaId": "894E4DDA-D9BE-441D-B447-B1CE52959347"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.7",
"matchCriteriaId": "59521C99-00BA-4503-823E-3FEA44F8DDA0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E644893-0457-43A9-98AB-9DB37A5C415C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.2.8",
"matchCriteriaId": "CDBC681E-CD03-49E5-BC3A-E4A7654975A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0.0",
"versionEndExcluding": "4.4.3.1",
"matchCriteriaId": "ABDC93B5-DC0A-4AA4-A340-382F108AE80B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF86645-253A-4BA3-BA2A-2725575C390D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.7",
"matchCriteriaId": "08B9436B-B2FE-4644-BB06-B0537EC23A71"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E33E647-5883-44FA-9915-34B89090D4E4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.5.3",
"matchCriteriaId": "B4AB3320-27F8-4359-AEF8-6B1FDBA67111"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.5.3",
"matchCriteriaId": "1A559F44-80F8-44B7-B70F-BA0B78C85283"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA9DF5D-6651-455A-9305-C42C0FF51F01"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.5.3",
"matchCriteriaId": "1B1826F9-0258-44DD-A471-113CF55CE563"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60657812-D3A8-4B1B-B7BE-F629991CB053"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.5.2",
"matchCriteriaId": "C3D46DEC-06AB-489F-A0B5-10C31F80A8C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "871448C6-9183-4828-A287-05F5EC6A44F6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.5.3",
"matchCriteriaId": "8F87D851-15BC-4FC1-8AB7-D5C15B2B74F0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AB3C84-67CA-4531-85FB-1A56F3C93ABF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.5.2",
"matchCriteriaId": "89461FD4-897D-44F1-8486-4BCCDE3772DD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.5.3",
"matchCriteriaId": "E6E55BCE-BBF0-454B-AE86-45B7298888B3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5860CBE4-328E-418D-9E81-1D3AF7DB8F2B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "289E3E0B-6BA4-44B8-968A-AC374B15B631"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D98663B-F2F5-4ADC-9FD5-75846890EEBA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BD8E59-6C67-4C80-B25F-2C5814A8CF0E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBF2015-9315-44C8-A9FE-E86146F1958E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43265128-7E8E-4FE2-8488-AC5734A4AF70"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1878E59C-FB40-435D-940A-8952C56FA88B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52F71B18-89B5-42C7-B4B7-448844D6AFBC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3873B2B9-95C1-4F00-9165-7C4D2A90CDE5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A96F64C0-09DD-4553-AC5F-D722B8321B0D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0978465-D59F-4C0A-A29F-5D7BE58BA557"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C4077B-C73F-4431-9103-C09960E203E1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*",
"matchCriteriaId": "266C73DE-BFC6-4F3E-B022-559B3971CA44"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D081E5D-7A68-47A0-9EFE-1FC01DA2FF23"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C470B04-BD57-429B-80FC-328A7D2E35E5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7536B29C-2030-4331-B8BF-D269D86D199B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A688631-4B36-43CC-AEF8-D390081F01DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1B117B-603D-493C-A804-C18ED332A221"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E207BB52-29F8-4F2F-AA06-855B38E22958"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*",
"matchCriteriaId": "167336E2-AAA8-4424-AB07-2D7C9E1542B3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD8437FD-65E2-4203-82B9-8FC32444204A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64955940-3998-4B76-92D1-D9F3FAB874B4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.forescout.com/resources/draybreak-draytek-research/",
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://www.forescout.com/resources/draytek14-vulnerabilities",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink