Back

CVE-2024-41588

Oct. 3, 2024, 7:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

DrayTek Vigor3910

  • up to 4.3.2.6

Source

cve@mitre.org

Tags

cve@mitre.org
2024-10-03
CVE-2024-41588

CVE-2024-41588 details

Published : Oct. 3, 2024, 7:15 p.m.
Last Modified : Oct. 3, 2024, 7:15 p.m.

Description

The CGI endpoints v2x00.cgi and cgiwcg.cgi of DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strncpy function.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://www.forescout.com/resources/draybreak-draytek-research/ cve@mitre.org
https://www.forescout.com/resources/draytek14-vulnerabilities cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.