CVE-2022-32548

CRITICAL

Draytek Vigor3910 Firmware < 4.3.1.1 - Buffer Overflow

Title source: rule

Description

An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.

Exploits (2)

nomisec SUSPICIOUS 8 stars

by MosaedH · poc

https://github.com/MosaedH/CVE-2022-32548-RCE-POC

View Code ZIP pw:eip

inthewild

poc

https://github.com/alexmention/cve-2022-32548-rce-poc

View on inthewild

References (2)

[Exploit, Third Party Advisory] https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek-vigor-routers

[Exploit, Third Party Advisory] https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-routers.html

Scores

CVSS v3 10.0

EPSS 0.6557

EPSS Percentile 98.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Details

CWE

CWE-120

Status published

Products (50)

draytek/vigor1000b_firmware < 4.3.1.1

draytek/vigor165_firmware < 4.2.4

draytek/vigor166_firmware < 4.2.4

draytek/vigor2133ac_firmware < 3.9.6.4

draytek/vigor2133_firmware < 3.9.6.4

draytek/vigor2133fvac_firmware < 3.9.6.4

draytek/vigor2133n_firmware < 3.9.6.4

draytek/vigor2133vac_firmware < 3.9.6.4

draytek/vigor2135ac_firmware < 4.4.2

draytek/vigor2135_firmware < 4.4.2

... and 40 more

Published Aug 29, 2022

Tracked Since Feb 18, 2026