CVE-2020-8515: Multiple DrayTek Vigor Routers Web Management Page Vulnerability
First published: Sat Feb 01 2020(Updated: )
DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| DrayTek Multiple Vigor Routers | ||
| Draytek Vigor2960 Firmware | =1.3.1-beta | |
| DrayTek Vigor2960 | ||
| Draytek Vigor300b Firmware | =1.3.3-beta | |
| Draytek Vigor300b Firmware | =1.4.2.1-beta | |
| Draytek Vigor300b Firmware | =1.4.4-beta | |
| Draytek Vigor300b | ||
| Draytek Vigor3900 Firmware | =1.4.4-beta | |
| DrayTek Vigor3900 | ||
| All of | ||
| Draytek Vigor2960 Firmware | =1.3.1-beta | |
| DrayTek Vigor2960 | ||
| All of | ||
| Any of | ||
| Draytek Vigor300b Firmware | =1.3.3-beta | |
| Draytek Vigor300b Firmware | =1.4.2.1-beta | |
| Draytek Vigor300b Firmware | =1.4.4-beta | |
| Draytek Vigor300b | ||
| All of | ||
| Draytek Vigor3900 Firmware | =1.4.4-beta | |
| DrayTek Vigor3900 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/156979/DrayTek-Vigor2960-Vigor3900-Vigor300B-Remote-Command-Execution.html
- https://sku11army.blogspot.com/2020/01/draytek-unauthenticated-rce-in-draytek.html
- https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-router-web-management-page-vulnerability-(cve-2020-8515)/
- https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-router-web-management-page-vulnerability-%28cve-2020-8515%29/
- https://nvd.nist.gov/vuln/detail/CVE-2020-8515
Frequently Asked Questions
What is the severity of CVE-2020-8515?
The severity of CVE-2020-8515 is critical with a score of 9.8.
Which DrayTek Vigor Routers are affected by CVE-2020-8515?
DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices are affected.
How can remote code execution be achieved in CVE-2020-8515?
Remote code execution can be achieved as root (without authentication) by using shell metacharacters to the cgi-bin/mainfunction.cgi URI.
Has CVE-2020-8515 been fixed?
Yes, this issue has been fixed in Vigor3900/2960/300B v1.5.1.
What is the Common Weakness Enumeration (CWE) of CVE-2020-8515?
The CWE of CVE-2020-8515 is CWE-78.
- agent/type
- agent/description
- agent/title
- agent/severity
- agent/weakness
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/author
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/references
- agent/tags
- collector/nvd-cve
- vendor/draytek
- canonical/draytek vigor2960 firmware
- version/draytek vigor2960 firmware/1.3.1-beta
- canonical/draytek vigor2960
- canonical/draytek vigor300b firmware
- version/draytek vigor300b firmware/1.3.3-beta
- version/draytek vigor300b firmware/1.4.2.1-beta
- version/draytek vigor300b firmware/1.4.4-beta
- canonical/draytek vigor300b
- canonical/draytek vigor3900 firmware
- version/draytek vigor3900 firmware/1.4.4-beta
- canonical/draytek vigor3900
- canonical/draytek multiple vigor routers