216.73.217.64

CVE-2024-41585

· Published 03/10/2024 19:15 · Modified 07/10/2024 19:37

Labels: CVE-2024-41585 2024-10-03CVE-2024-41585CWE-78[email protected]

Essential information

Published
03/10/2024 19:15
Modified
07/10/2024 19:37
Author
Creator
CVSS
6.8 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

DrayTek Vigor3910 devices through 4.3.2.6 are affected by an OS command injection vulnerability that allows an attacker to leverage the recvCmd binary to escape from the emulated instance and inject arbitrary commands into the host machine.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References