CVE-2020-14993

Exploit

EPSS 11.64%
Veröffentlicht 23.06.2020 12:15:13
Zuletzt bearbeitet 21.11.2024 05:04:35
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Draytek ≫ Vigor300b Firmware Version < 1.5.1.1

Draytek ≫ Vigor300b Version-

Draytek ≫ Vigor2960 Firmware Version < 1.5.1.1

Draytek ≫ Vigor2960 Version-

Draytek ≫ Vigor3900 Firmware Version < 1.5.1.1

Draytek ≫ Vigor3900 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	11.64%	0.934

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://github.com/dexterone/Vigor-poc

Third Party Advisory

Exploit

https://www.draytek.com/about/security-advisory

Vendor Advisory

https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability-%28cve-2020-14473%29

https://nvd.nist.gov/vuln/detail/CVE-2020-14993

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-14993

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-14993

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2020-14993