CVE-2024-51138

CRITICAL EPSS 62.5%

Published Feb 27, 20251y ago · Modified Jun 17, 20261w ago

9.8 CVSS 3.1

Critical

Published Feb 27, 2025 1y ago

Last Modified Jun 17, 2026 1w ago

Description

Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and earlier; Vigor2133/2762/2832 3.9.9 and earlier; Vigor2135/2765/2766 4.4.5. and earlier; Vigor2865/2866/2927 4.4.5.3 and earlier; Vigor2962 4.3.2.8 and earlier; Vigor3912 4.3.6.1 and earlier; Vigor3910 4.4.3.1 and earlier a stack-based buffer overflow vulnerability has been identified in the URL parsing functionality of the TR069 STUN server. This flaw occurs due to insufficient bounds checking on the amount of URL parameters, allowing an attacker to exploit the overflow by sending a maliciously crafted request. Consequently, a remote attacker can execute arbitrary code with elevated privileges.

CVSS Details

Base Score

9.8

Exploitability

3.9

Impact

5.9

Vector string

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

62.5% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-121

Affected Products 48

Vendor	Product	Version	Range
draytek	vigor3912_firmware	*	<4.4.3.2
draytek	vigor3912	*	any
draytek	vigor2620_firmware	*	<3.9.9.1
draytek	vigor2620	*	any
draytek	vigorlte200_firmware	*	<3.9.9.1
draytek	vigorlte200	*	any
draytek	vigor2860_firmware	*	<3.9.8.3
draytek	vigor2860	*	any
draytek	vigor2925_firmware	*	<3.9.8.3
draytek	vigor2925	*	any
draytek	vigor2862_firmware	*	<3.9.9.8
draytek	vigor2862	*	any
draytek	vigor2926_firmware	*	<3.9.9.8
draytek	vigor2926	*	any
draytek	vigor2133_firmware	*	<3.9.9.2
draytek	vigor2133	*	any
draytek	vigor2762_firmware	*	<3.9.9.2
draytek	vigor2762	*	any
draytek	vigor2832_firmware	*	<3.9.9.2
draytek	vigor2832	*	any
draytek	vigor2135_firmware	*	<4.4.5.5
draytek	vigor2135	*	any
draytek	vigor2765_firmware	*	<4.4.5.5
draytek	vigor2765	*	any
draytek	vigor2766_firmware	*	<4.4.5.5
draytek	vigor2766	*	any
draytek	vigor2763_firmware	*	<4.4.5.5
draytek	vigor2763	*	any
draytek	vigor2865_firmware	*	<4.4.5.8
draytek	vigor2865	*	any
draytek	vigor2866_firmware	*	<4.4.5.8
draytek	vigor2866	*	any
draytek	vigor2927_firmware	*	<4.4.5.8
draytek	vigor2927	*	any
draytek	vigor2962_firmware	*	<4.3.2.9
draytek	vigor2962_firmware	*	≥4.4.3 – <4.4.3.2
draytek	vigor2962	*	any
draytek	vigor3910_firmware	*	<4.3.2.9
draytek	vigor3910_firmware	*	≥4.4.3 – <4.4.3.2
draytek	vigor3910	*	any
draytek	vigor2915_firmware	*	<4.4.5
draytek	vigor2915	*	any
draytek	vigor1000b_firmware	*	<4.4.3.2
draytek	vigor1000b	*	any
draytek	vigor2952_firmware	*	<3.9.8.5
draytek	vigor2952	*	any
draytek	vigor3220_firmware	*	<3.9.8.5
draytek	vigor3220	*	any

References 2

draytek.com http://draytek.com

Product
medium.com https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946

Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.