CVE-2024-12986

HIGH

Draytek Vigor300b Firmware < 1.5.1.5 - Command Injection

Title source: rule

Description

A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.1.5 is able to address this issue. It is recommended to upgrade the affected component.

Exploits (1)

nomisec WORKING POC 1 stars

by Aether-0 · poc

https://github.com/Aether-0/CVE-2024-12986

View Code ZIP pw:eip

References (4)

[Exploit, Third Party Advisory] https://netsecfish.notion.site/Command-Injection-in-apmcfgupptim-endpoint-for-DrayTek-Gateway-Devices-1676b683e67c80b9ad8cc37b93273bf6?pvs=4

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.289379

[Third Party Advisory, VDB Entry] https://vuldb.com/?id.289379

[Third Party Advisory, VDB Entry] https://vuldb.com/?submit.468794

Scores

CVSS v3 7.3

EPSS 0.7028

EPSS Percentile 98.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

CWE

CWE-78 CWE-77

Status published

Products (2)

draytek/vigor2960_firmware 1.5.1.3 - 1.5.1.5

draytek/vigor300b_firmware 1.5.1.3 - 1.5.1.5

Published Dec 27, 2024

Tracked Since Feb 18, 2026