CVE-2013-5703

DrayTek Vigor 2700 Router Firmware 2.8.3 - Remote Code Execution via SSID Value

Title source: llm
STIX 2.1

Description

The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code, and modify settings or the DNS cache, via a crafted SSID value that is not properly handled during insertion into the sWlessSurvey value in variables.js.

References (1)

Core 1
Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/101462

Scores

EPSS 0.0126
EPSS Percentile 66.0%

Details

CWE
CWE-78
Status published
Products (2)
draytek/vigor_2700_router
draytek/vigor_2700_router_firmware 2.8.3
Published Oct 22, 2013
Tracked Since Feb 18, 2026