CVE-2024-41592

HIGH EPSS 69.2%
Published Oct 3, 20241y ago · Modified Jun 17, 20262w ago
8.0 CVSS 3.1
High
Find Similar
Published Oct 3, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs.

CVSS Details

Base Score
8.0
Exploitability
2.1
Impact
5.9
Vector string
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Adjacent
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
69.2% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-121

Affected Products 51

VendorProductVersionRange
draytekvigor2952_firmware* <3.9.8.2
draytekvigor2952*any
draytekvigor2620_firmware* <3.9.8.9
draytekvigor2620*any
draytekvigor2915_firmware* <4.4.5.3
draytekvigor2915*any
draytekvigor2866_firmware* <4.4.5.2
draytekvigor2866*any
draytekvigor2766_firmware* <4.4.5.3
draytekvigor2766*any
draytekvigor2865_firmware* <4.4.5.2
draytekvigor2865*any
draytekvigor2765_firmware* <4.4.5.3
draytekvigor2765*any
draytekvigor2763_firmware* <4.4.5.3
draytekvigor2763*any
draytekvigor2135_firmware* <4.4.5.3
draytekvigor2135*any
draytekvigor166_firmware* <4.2.7
draytekvigor166*any
draytekvigor3912_firmware* <4.3.6.1
draytekvigor3912*any
draytekvigor1000b_firmware* <4.3.2.8
draytekvigor1000b_firmware*≥4.4.0.0  –  <4.4.3.1
draytekvigor1000b*any
draytekvigor165_firmware* <4.2.7
draytekvigor165*any
draytekvigor3910_firmware* <4.3.2.8
draytekvigor3910_firmware*≥4.4.0.0  –  <4.4.3.1
draytekvigor3910*any
draytekvigor2962_firmware* <4.3.2.8
draytekvigor2962_firmware*≥4.4.0.0  –  <4.4.3.1
draytekvigor2962*any
draytekvigorlte200_firmware* <3.9.8.9
draytekvigorlte200*any
draytekvigor2133_firmware* <3.9.9
draytekvigor2133*any
draytekvigor2762_firmware* <3.9.9
draytekvigor2762*any
draytekvigor2832_firmware* <3.9.9
draytekvigor2832*any
draytekvigor2860_firmware* <3.9.8
draytekvigor2860*any
draytekvigor2862_firmware* <3.9.9.5
draytekvigor2862*any
draytekvigor2925_firmware* <3.9.8
draytekvigor2925*any
draytekvigor2926_firmware* <3.9.9.5
draytekvigor2926*any
draytekvigor3220_firmware* <3.9.8.2
draytekvigor3220*any

References 2

  • forescout.com https://www.forescout.com/resources/draybreak-draytek-research/
    ExploitMitigationThird Party Advisory
  • forescout.com https://www.forescout.com/resources/draytek14-vulnerabilities
    Broken Link

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.