DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2020-8515 | Multiple DrayTek Vigor Routers Web Management Page Vulnerability | secondary_impact | T1496 | Resource Hijacking |
Comments
CVE-2020-8515 is a command injection vulnerability affecting certain DrayTek devices, This vulnerability allows an attacker to make arbitrary commands on the affected devices without authentication. Successful exploitation has been reported leading to resource hijacking for botnet use.
References
|
| CVE-2020-8515 | Multiple DrayTek Vigor Routers Web Management Page Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
CVE-2020-8515 is a command injection vulnerability affecting certain DrayTek devices, This vulnerability allows an attacker to make arbitrary commands on the affected devices without authentication. Successful exploitation has been reported leading to resource hijacking for botnet use.
References
|
| CVE-2020-8515 | Multiple DrayTek Vigor Routers Web Management Page Vulnerability | exploitation_technique | T1133 | External Remote Services |
Comments
CVE-2020-8515 is a command injection vulnerability affecting certain DrayTek devices, This vulnerability allows an attacker to make arbitrary commands on the affected devices without authentication. Successful exploitation has been reported leading to resource hijacking for botnet use.
References
|