CVE-2020-15415
⚠ KEVEPSS 93.0%DrayTek Multiple Vigor Routers OS Command Injection Vulnerability
加入 CISA KEV 日:2024/9/30
描述
DrayTek Vigor3900, Vigor2960, and Vigor300B devices contain an OS command injection vulnerability in cgi-bin/mainfunction.cgi/cvmcfgupload that allows for remote code execution via shell metacharacters in a filename when the text/x-python-script content type is used.
受影響套件(0)
OSV 沒有提供套件對應。