216.73.217.80

CVE-2020-14993

· Published 23/06/2020 14:15 · Modified 21/12/2025 16:20 · Author: The MITRE Corporation

Labels: CVE-2020-14993

Essential information

Published
23/06/2020 14:15
Modified
21/12/2025 16:20
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
9.8 CRITICAL (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/C:H/I:H/A:H

CVSS metrics

Description

A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi.

NVD status

NVD
View on NVD