CVE-2020-15415: DrayTek Multiple Vigor Routers OS Command Injection Vulnerability
First published: Tue Jun 30 2020(Updated: )
DrayTek Vigor3900, Vigor2960, and Vigor300B devices contain an OS command injection vulnerability in cgi-bin/mainfunction.cgi/cvmcfgupload that allows for remote code execution via shell metacharacters in a filename when the text/x-python-script content type is used.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| DrayTek Vigor Routers | ||
| DrayTek Vigor 3900 | <1.5.1 | |
| DrayTek Vigor Routers | ||
| Draytek Vigor 2960 Firmware | <1.5.1 | |
| DrayTek Vigor 2960 | ||
| Draytek Vigor300b Firmware | <1.5.1 | |
| DrayTek Vigor 300B | ||
| All of | ||
| DrayTek Vigor 3900 | <1.5.1 | |
| DrayTek Vigor Routers | ||
| All of | ||
| Draytek Vigor 2960 Firmware | <1.5.1 | |
| DrayTek Vigor 2960 | ||
| All of | ||
| Draytek Vigor300b Firmware | <1.5.1 | |
| DrayTek Vigor 300B |
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-15415?
CVE-2020-15415 is a vulnerability found in DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, allowing remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used.
How severe is CVE-2020-15415?
CVE-2020-15415 has a severity rating of 9.8 (Critical).
Which DrayTek devices are affected by CVE-2020-15415?
DrayTek Vigor3900, Vigor2960, and Vigor300B devices before version 1.5.1 are affected by CVE-2020-15415.
How can CVE-2020-15415 be exploited?
CVE-2020-15415 can be exploited by using shell metacharacters in a filename when the text/x-python-script content type is used on vulnerable DrayTek devices.
Is there a patch or update available for CVE-2020-15415?
Yes, updating DrayTek Vigor3900, Vigor2960, and Vigor300B devices to version 1.5.1 or later will fix the vulnerability.
- agent/type
- agent/severity
- agent/first-publish-date
- agent/remedy
- agent/references
- agent/title
- agent/description
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/weakness
- agent/tags
- agent/last-modified-date
- agent/event
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/nvd-api
- source/NVD
- collector/nvd-cve
- agent/softwarecombine
- vendor/draytek
- canonical/draytek vigor routers
- canonical/draytek vigor 3900
- canonical/draytek vigor 2960 firmware
- canonical/draytek vigor 2960
- canonical/draytek vigor300b firmware
- canonical/draytek vigor 300b