cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-14472,https://securityvulnerability.io/vulnerability/CVE-2020-14472,Command Injection Vulnerabilities in Draytek Vigor Devices,"Draytek's Vigor3900, Vigor2960, and Vigor 300B devices are susceptible to command injection flaws found in the mainfunction.cgi file. These vulnerabilities could allow an attacker to execute arbitrary commands on the affected devices, potentially compromising their security and functionality. It is crucial for users of these devices to apply the necessary updates to mitigate any risks associated with this vulnerability.",Draytek,Vigor300b Firmware,9.8,CRITICAL,0.012790000066161156,false,,false,false,false,,,false,false,,2020-06-24T16:51:23.000Z,0
CVE-2020-14473,https://securityvulnerability.io/vulnerability/CVE-2020-14473,Stack-based Buffer Overflow in DrayTek Vigor Routers,"A stack-based buffer overflow vulnerability exists in DrayTek's Vigor3900, Vigor2960, and Vigor300B devices with firmware earlier than version 1.5.1.1. When exploited, this vulnerability could allow attackers to execute arbitrary code, potentially compromising the device's integrity and enabling unauthorized access to the network.",Draytek,Vigor300b Firmware,9.8,CRITICAL,0.005590000189840794,false,,false,false,false,,,false,false,,2020-06-24T16:41:51.000Z,0
CVE-2020-14993,https://securityvulnerability.io/vulnerability/CVE-2020-14993,Stack-based Buffer Overflow in DrayTek Vigor Series,"A stack-based buffer overflow vulnerability exists on DrayTek Vigor2960, Vigor3900, and Vigor300B devices prior to version 1.5.1.1. This security flaw allows remote attackers to exploit the formuserphonenumber parameter in an authusersms action via mainfunction.cgi, potentially leading to the execution of arbitrary code. Proper updates and security patches are recommended to mitigate this vulnerability.",Draytek,Vigor300b Firmware,9.8,CRITICAL,0.03700000047683716,false,,false,false,false,,,false,false,,2020-06-23T11:50:58.000Z,0
CVE-2020-10828,https://securityvulnerability.io/vulnerability/CVE-2020-10828,Stack-Based Buffer Overflow in Draytek Vigor Devices,"A stack-based buffer overflow vulnerability exists in the cvmd component of Draytek Vigor3900, Vigor2960, and Vigor300B routers prior to version 1.5.1. This flaw enables remote attackers to execute arbitrary code on the affected devices by sending specially crafted HTTP requests. If exploited, this vulnerability could lead to unauthorized access and control over the network, compromising sensitive data and operations.",Draytek,Vigor300b Firmware,9.8,CRITICAL,0.01988999918103218,false,,false,false,false,,,false,false,,2020-03-26T16:05:21.000Z,0
CVE-2020-10827,https://securityvulnerability.io/vulnerability/CVE-2020-10827,"Stack-Based Buffer Overflow in Draytek Vigor3900, Vigor2960, and Vigor300B Devices","A stack-based buffer overflow vulnerability exists in the apmd service on Draytek Vigor3900, Vigor2960, and Vigor300B devices prior to version 1.5.1. This flaw enables remote attackers to execute arbitrary code by sending specially crafted HTTP requests, potentially compromising the integrity and confidentiality of the device. Users are advised to update their devices to mitigate this risk.",Draytek,Vigor300b Firmware,9.8,CRITICAL,0.01988999918103218,false,,false,false,false,,,false,false,,2020-03-26T16:05:12.000Z,0
CVE-2020-10826,https://securityvulnerability.io/vulnerability/CVE-2020-10826,Command Injection Vulnerability in Draytek Vigor Devices,"A command injection vulnerability has been identified in the /cgi-bin/activate.cgi component of Draytek Vigor3900, Vigor2960, and Vigor300B devices prior to version 1.5.1. This vulnerability enables remote attackers to execute arbitrary commands by sending specially crafted HTTP requests while the device is in DEBUG mode. Proper security measures should be taken to mitigate potential exploitation.",Draytek,Vigor300b Firmware,9.8,CRITICAL,0.005249999929219484,false,,false,false,false,,,false,false,,2020-03-26T16:05:03.000Z,0
CVE-2020-10825,https://securityvulnerability.io/vulnerability/CVE-2020-10825,Stack-Based Buffer Overflow in Draytek Vigor Devices,"A stack-based buffer overflow vulnerability exists in the /cgi-bin/activate.cgi component of Draytek Vigor3900, Vigor2960, and Vigor300B devices. This issue arises when handling the 'ticket' parameter during base64 decoding. Attackers can exploit this vulnerability by sending crafted HTTP requests to trigger the overflow, which may lead to unauthorized code execution on the targeted devices.",Draytek,Vigor300b Firmware,9.8,CRITICAL,0.01988999918103218,false,,false,false,false,,,false,false,,2020-03-26T16:04:57.000Z,0
CVE-2020-10824,https://securityvulnerability.io/vulnerability/CVE-2020-10824,"Stack-Based Buffer Overflow in Draytek Vigor3900, Vigor2960, and Vigor300B Devices","A stack-based buffer overflow vulnerability exists in the /cgi-bin/activate.cgi component of Draytek Vigor3900, Vigor2960, and Vigor300B devices prior to version 1.5.1. This flaw may allow remote attackers to trigger code execution by crafting a malicious HTTP request that exploits the vulnerable ticket parameter, leading to potential unauthorized access and control over the device.",Draytek,Vigor300b Firmware,9.8,CRITICAL,0.01988999918103218,false,,false,false,false,,,false,false,,2020-03-26T16:04:44.000Z,0
CVE-2020-10823,https://securityvulnerability.io/vulnerability/CVE-2020-10823,Stack-based Buffer Overflow in Draytek Vigor Devices,"A stack-based buffer overflow vulnerability has been identified in Draytek Vigor3900, Vigor2960, and Vigor300B devices prior to version 1.5.1. This security flaw resides in the /cgi-bin/activate.cgi component, which processes the 'var' parameter. Attackers can exploit this vulnerability to execute arbitrary code remotely through crafted HTTP requests, potentially compromising the affected devices.",Draytek,Vigor300b Firmware,9.8,CRITICAL,0.01988999918103218,false,,false,false,false,,,false,false,,2020-03-26T16:04:38.000Z,0