1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. DrayTek Vigor Routers OS Command Injection Vulnerability

Known Exploited Vulnerabilities CVE-2024-12987

DrayTek Vigor2960, Vigor300B, and Vigor3900 routers contain an OS command injection vulnerability due to an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component web management interface.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2024-12987 DrayTek Vigor Routers OS Command Injection Vulnerability exploitation_technique T1068 Exploitation for Privilege Escalation
Comments
An unauthenticated, remote attacker can exploit this vulnerability to escalate privileges and execute arbitrary code with root access.
References
  1. https://blackkite.com/blog/focus-friday-tprm-insights-into-zimbra-draytek-vigor-atlassian-jira-data-center-tornado-and-mdaemon-vulnerabilities/
CVE-2024-12987 DrayTek Vigor Routers OS Command Injection Vulnerability primary_impact T1059 Command and Scripting Interpreter
Comments
An unauthenticated, remote attacker can exploit this vulnerability to escalate privileges and execute arbitrary code with root access.
References
  1. https://blackkite.com/blog/focus-friday-tprm-insights-into-zimbra-draytek-vigor-atlassian-jira-data-center-tornado-and-mdaemon-vulnerabilities/