Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vigor3910_firmware
(Draytek)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 42 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-09-18 | CVE-2024-46598 | Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the iprofileidx parameter at dialin.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | Vigor3910_firmware | 7.5 | ||
| 2024-10-03 | CVE-2024-41587 | Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6. | Vigor1000b_firmware, Vigor165_firmware, Vigor166_firmware, Vigor2133_firmware, Vigor2135_firmware, Vigor2620_firmware, Vigor2762_firmware, Vigor2763_firmware, Vigor2765_firmware, Vigor2766_firmware, Vigor2832_firmware, Vigor2860_firmware, Vigor2862_firmware, Vigor2865_firmware, Vigor2866_firmware, Vigor2915_firmware, Vigor2925_firmware, Vigor2926_firmware, Vigor2952_firmware, Vigor2962_firmware, Vigor3220_firmware, Vigor3910_firmware, Vigor3912_firmware, Vigorlte200_firmware | 5.4 | ||
| 2024-09-18 | CVE-2024-46550 | Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the CGIbyFieldName parameter at chglog.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | Vigor3910_firmware | 7.5 | ||
| 2024-09-18 | CVE-2024-46552 | Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sStRtMskShow parameter at ipstrt.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | Vigor3910_firmware | 7.5 | ||
| 2024-09-18 | CVE-2024-46568 | Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPeerId parameter at vpn.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | Vigor3910_firmware | 7.5 | ||
| 2024-09-18 | CVE-2024-46571 | Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPPPSrvNm parameter at fwuser.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | Vigor3910_firmware | 7.5 | ||
| 2024-09-18 | CVE-2024-46585 | Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at usergrp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | Vigor3910_firmware | 7.5 | ||
| 2024-09-18 | CVE-2024-46593 | Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the trapcomm parameter at cgiswm.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | Vigor3910_firmware | 7.5 | ||
| 2024-09-18 | CVE-2024-46560 | Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pub_key parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | Vigor3910_firmware | 7.5 | ||
| 2024-09-18 | CVE-2024-46580 | Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the fid parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | Vigor3910_firmware | 7.5 |