CVE-2023-6265

Published: Nov 22, 2023Modified: Nov 21, 2024

8.1

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Exploitability: 2.8 / Impact: 5.2

Source: NVD

Description

** UNSUPPORTED WHEN ASSIGNED ** Draytek Vigor2960 v1.5.1.4 and v1.5.1.5 are vulnerable to directory traversal via the mainfunction.cgi dumpSyslog 'option' parameter allowing an authenticated attacker with access to the web management interface to delete arbitrary files. Vigor2960 is no longer supported.

Affected (2)

Products: Draytek: Vigor2960 Firmware

1 product

Vigor2960 Firmware

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Draytek Vigor2960 Firmware	Version 1.5.1.4
Draytek Vigor2960 Firmware	Version 1.5.1.5

Running on/with	Platform Versions
Draytek Vigor2960	All versions

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (6)

https://github.com/xxy1126/Vuln/blob/main/Draytek/4.md

Source: 9119a7d8-5eab-497f-8521-727c672e3725

Exploit

https://www.draytek.com/about/newsroom/2021/2021/end-of-life-notification-vigor2960

Source: 9119a7d8-5eab-497f-8521-727c672e3725

Product

https://www.draytek.com/products/vigor2960/

Source: 9119a7d8-5eab-497f-8521-727c672e3725

Product

https://github.com/xxy1126/Vuln/blob/main/Draytek/4.md

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://www.draytek.com/about/newsroom/2021/2021/end-of-life-notification-vigor2960

Source: af854a3a-2127-422b-91ae-364da2661108

Product

https://www.draytek.com/products/vigor2960/

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.