CVE-2023-1009

A vulnerability classified as problematic has been found in DrayTek Vigor 2960 1.5.1.4. Affected is the function sub_1DF14 of the file /cgi-bin/mainfunction.cgi. The manipulation of the argument option with the input /../etc/password leads to path traversal. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. VDB-221742 is the identifier assigned to this vulnerability.
Configurations

Configuration 1

No configuration.

Information

Published : 2023-02-24 11:15

Updated : 2023-02-24 02:02


NVD link : CVE-2023-1009

Mitre link : CVE-2023-1009

Products Affected
CWE