Draytek Vigor3910 Firmware

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Draytek Vigor3910 Firmware.

By the Year

In 2026 there have been 0 vulnerabilities in Draytek Vigor3910 Firmware. Vigor3910 Firmware did not have any published security vulnerabilities last year.

Year	Vulnerabilities	Average Score
2026	0	0.00
2025	0	0.00
2024	45	7.44

It may take a day or so for new Vigor3910 Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Draytek Vigor3910 Firmware Security Vulnerabilities

DrayTek Vigor3910 4.3.2.6 Devices: Stored XSS via Router Name (Auth)
CVE-2024-41583 - October 03, 2024

DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to stored Cross Site Scripting (XSS) by authenticated users due to poor sanitization of the router name.

Vigor3910 Auth XSS via sFormAuthStr (pre-4.3.2.6)
CVE-2024-41584 - October 03, 2024

DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to reflected XSS by authenticated users, caused by missing validation of the sFormAuthStr parameter.

OS Command Injection in DrayTek Vigor3910 recvCmd v4.3.2.6
CVE-2024-41585 - October 03, 2024

DrayTek Vigor3910 devices through 4.3.2.6 are affected by an OS command injection vulnerability that allows an attacker to leverage the recvCmd binary to escape from the emulated instance and inject arbitrary commands into the host machine.

DrayTek Vigor310 before 4.3.2.6 Buffer Overflow via /cgi-bin/ipfedr.cgi
CVE-2024-41586 - October 03, 2024

A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a remote attacker to execute arbitrary code via a long query string to the cgi-bin/ipfedr.cgi component.

DrayTek Vigor310 HTTP Auth Unencrypted Vulnerability (4.3.2.6)
CVE-2024-41589 - October 03, 2024

DrayTek Vigor310 devices through 4.3.2.6 use unencrypted HTTP for authentication requests.

Stack Overflow in DrayTek Vigor3910 GetCGI (<=4.3.2.6)
CVE-2024-41592 - October 03, 2024

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs.

Remote Setting Modification via .cgi BOC in DrayTek Vigor310 <4.3.2.6
CVE-2024-41595 - October 03, 2024

DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations.

DrayTek Vigor310 Stored XSS via Login Page Greeting pre-4.3.2.6
CVE-2024-41587 5.4 - Medium - October 03, 2024

Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.

XSS

Draytek Vigor 3910 Buffer Overflow in fextobj.cgi (v4.3.2.6) DoS
CVE-2024-46564 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at fextobj.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

DrayTek Vigor 3910 v4.3.2.6 Buffer Overflow in sPubKey Dialin CGI (DoS)
CVE-2024-46597 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPubKey parameter at dialin.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 Queryret Buffer Overflow in v2x00.cgi (DoS)
CVE-2024-46561 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the queryret parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 4.3.2.6 Buffer Overflow in v2x00.cgi (DoS)
CVE-2024-46560 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pub_key parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 buffer overflow in inet15.cgi sBPA_UsrNme causes DoS
CVE-2024-46559 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sBPA_UsrNme parameter at inet15.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 DoS from buffer overflow in v2x00.cgi
CVE-2024-46558 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the newProname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 DoS via buffer overflow in v2x00.cgi sProfileName
CVE-2024-46557 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 Denial of Service via v2x00.cgi buffer overflow
CVE-2024-46556 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sInRCSecret0 parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 Buffer Overflow in v2x00.cgi pb Param (DoS)
CVE-2024-46555 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pb parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

DoS via Buffer Overflow in v2x00.cgi on Draytek Vigor 3910 4.3.2.6
CVE-2024-46554 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the profname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 Buffer Overflow in v2x00.cgi (Pre-4.3.2.6)
CVE-2024-46553 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ipaddrmsk%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Vigor 3910 v4.3.2.6 Buffer Overflow in ipstrt.cgi -> DoS
CVE-2024-46552 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sStRtMskShow parameter at ipstrt.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Vigor 3910 v4.3.2.6 sBPA_Pwd Buffer Overflow DoS
CVE-2024-46551 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sBPA_Pwd parameter at inet15.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 CGI Buffer Overflow in chglog.cgi (DoS)
CVE-2024-46550 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the CGIbyFieldName parameter at chglog.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

DoS via Buffer Overflow in sslapp.cgi on Draytek Vigor 3910 v4.3.2.6
CVE-2024-46566 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sAppName parameter at sslapp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 Buffer Overflow at dialin.cgi iprofileidx Allowing DoS
CVE-2024-46598 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the iprofileidx parameter at dialin.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 DoS via buffer overflow in v2x00.cgi sAct
CVE-2024-46596 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sAct parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 buffer overflow in lan2lan.cgi causing DoS
CVE-2024-46595 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the saveitem parameter at lan2lan.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Buffer overflow in Draytek Vigor 3910 (v4.3.2.6) saveVPNProfile - DoS
CVE-2024-46594 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the saveVPNProfile parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Buf Overflow in cgiswm.cgi of Draytek Vigor 3910 v4.3.2.6 Enables DoS
CVE-2024-46593 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the trapcomm parameter at cgiswm.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

DoS via buffer overflow in Draytek Vigor 3910 v4.3.2.6 v2x00.cgi
CVE-2024-46592 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ssidencrypt_5g%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 DoS via sDnsPro Buffer Overflow
CVE-2024-46591 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sDnsPro parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

DoS via Buffer Overflow in Draytek Vigor 3910 v4.3.2.6 ssidencrypt%d v2x00.cgi
CVE-2024-46590 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ssidencrypt%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6: Buffer Overrun in inetipv6.cgi Causing DoS
CVE-2024-46589 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sIpv6AiccuUser parameter at inetipv6.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Vigor 3910 v4.3.2.6 Buffer Overflow (DoS) via sProfileName in wizfw.cgi
CVE-2024-46588 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at wizfw.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 4.3.2.6 buffer overflow in sCloudPass (v2x00.cgi) DoS
CVE-2024-46586 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sCloudPass parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 buffer overflow in usergrp.cgi leads to DoS
CVE-2024-46585 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at usergrp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

DoS via buffer overflow in acontrol.cgi (AControlIp1) on Draytek Vigor 3910 v4.3.2.6
CVE-2024-46584 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the AControlIp1 parameter at acontrol.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 DoS via Buffer Overflow in cgiapp.cgi extRadSrv2
CVE-2024-46583 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the extRadSrv2 parameter at cgiapp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 DoS via Buffer Overflow in v2x00.cgi
CVE-2024-46582 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sSrvAddr parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor3910 v4.3.2.6 Buffer Overflow in sProfName, DoS
CVE-2024-46581 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfName parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Buffer Overflow in Draytek Vigor 3910 v4.3.2.6 v2x00.cgi Causes DoS
CVE-2024-46580 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the fid parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 4.3.2.6 DoS via Buffer Overflow in fwuser.cgi (sPPPSrvNm)
CVE-2024-46571 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPPPSrvNm parameter at fwuser.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 buffer overflow in vpn.cgi (DoS)
CVE-2024-46568 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPeerId parameter at vpn.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Draytek Vigor 3910 v4.3.2.6 Buffer Overflow iProfileIdx DoS
CVE-2024-46567 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the iProfileIdx parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

DoS Buffer Overflow in Draytek Vigor 3910 v4.3.2.6 service.cgi
CVE-2024-46565 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sSrvName parameter at service.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Classic Buffer Overflow

Directory Traversal in Process_Post of Draytek Vigor3910 4.3.2.5
CVE-2024-23721 - March 20, 2024

A Directory Traversal issue was discovered in process_post on Draytek Vigor3910 4.3.2.5 devices. When sending a certain POST request, it calls the function and exports information.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Draytek Vigor3910 Firmware or by Draytek? Click the Watch button to subscribe.

Draytek
Vendor

Draytek Vigor3910 Firmware
Product

Draytek Vigor3910 Firmware

Don't miss out!

By the Year

Recent Draytek Vigor3910 Firmware Security Vulnerabilities

DrayTek Vigor3910 4.3.2.6 Devices: Stored XSS via Router Name (Auth) CVE-2024-41583 - October 03, 2024

Vigor3910 Auth XSS via sFormAuthStr (pre-4.3.2.6) CVE-2024-41584 - October 03, 2024

OS Command Injection in DrayTek Vigor3910 recvCmd v4.3.2.6 CVE-2024-41585 - October 03, 2024

DrayTek Vigor310 before 4.3.2.6 Buffer Overflow via /cgi-bin/ipfedr.cgi CVE-2024-41586 - October 03, 2024

DrayTek Vigor310 HTTP Auth Unencrypted Vulnerability (4.3.2.6) CVE-2024-41589 - October 03, 2024

Stack Overflow in DrayTek Vigor3910 GetCGI (<=4.3.2.6) CVE-2024-41592 - October 03, 2024

Remote Setting Modification via .cgi BOC in DrayTek Vigor310 <4.3.2.6 CVE-2024-41595 - October 03, 2024

DrayTek Vigor310 Stored XSS via Login Page Greeting pre-4.3.2.6 CVE-2024-41587 5.4 - Medium - October 03, 2024

Draytek Vigor 3910 Buffer Overflow in fextobj.cgi (v4.3.2.6) DoS CVE-2024-46564 7.5 - High - September 18, 2024

DrayTek Vigor 3910 v4.3.2.6 Buffer Overflow in sPubKey Dialin CGI (DoS) CVE-2024-46597 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 Queryret Buffer Overflow in v2x00.cgi (DoS) CVE-2024-46561 7.5 - High - September 18, 2024

Draytek Vigor 3910 4.3.2.6 Buffer Overflow in v2x00.cgi (DoS) CVE-2024-46560 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 buffer overflow in inet15.cgi sBPA_UsrNme causes DoS CVE-2024-46559 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 DoS from buffer overflow in v2x00.cgi CVE-2024-46558 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 DoS via buffer overflow in v2x00.cgi sProfileName CVE-2024-46557 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 Denial of Service via v2x00.cgi buffer overflow CVE-2024-46556 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 Buffer Overflow in v2x00.cgi pb Param (DoS) CVE-2024-46555 7.5 - High - September 18, 2024

DoS via Buffer Overflow in v2x00.cgi on Draytek Vigor 3910 4.3.2.6 CVE-2024-46554 7.5 - High - September 18, 2024

Draytek Vigor 3910 Buffer Overflow in v2x00.cgi (Pre-4.3.2.6) CVE-2024-46553 7.5 - High - September 18, 2024

Vigor 3910 v4.3.2.6 Buffer Overflow in ipstrt.cgi -> DoS CVE-2024-46552 7.5 - High - September 18, 2024

Vigor 3910 v4.3.2.6 sBPA_Pwd Buffer Overflow DoS CVE-2024-46551 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 CGI Buffer Overflow in chglog.cgi (DoS) CVE-2024-46550 7.5 - High - September 18, 2024

DoS via Buffer Overflow in sslapp.cgi on Draytek Vigor 3910 v4.3.2.6 CVE-2024-46566 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 Buffer Overflow at dialin.cgi iprofileidx Allowing DoS CVE-2024-46598 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 DoS via buffer overflow in v2x00.cgi sAct CVE-2024-46596 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 buffer overflow in lan2lan.cgi causing DoS CVE-2024-46595 7.5 - High - September 18, 2024

Buffer overflow in Draytek Vigor 3910 (v4.3.2.6) saveVPNProfile - DoS CVE-2024-46594 7.5 - High - September 18, 2024

Buf Overflow in cgiswm.cgi of Draytek Vigor 3910 v4.3.2.6 Enables DoS CVE-2024-46593 7.5 - High - September 18, 2024

DoS via buffer overflow in Draytek Vigor 3910 v4.3.2.6 v2x00.cgi CVE-2024-46592 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 DoS via sDnsPro Buffer Overflow CVE-2024-46591 7.5 - High - September 18, 2024

DoS via Buffer Overflow in Draytek Vigor 3910 v4.3.2.6 ssidencrypt%d v2x00.cgi CVE-2024-46590 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6: Buffer Overrun in inetipv6.cgi Causing DoS CVE-2024-46589 7.5 - High - September 18, 2024

Vigor 3910 v4.3.2.6 Buffer Overflow (DoS) via sProfileName in wizfw.cgi CVE-2024-46588 7.5 - High - September 18, 2024

Draytek Vigor 3910 4.3.2.6 buffer overflow in sCloudPass (v2x00.cgi) DoS CVE-2024-46586 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 buffer overflow in usergrp.cgi leads to DoS CVE-2024-46585 7.5 - High - September 18, 2024

DoS via buffer overflow in acontrol.cgi (AControlIp1) on Draytek Vigor 3910 v4.3.2.6 CVE-2024-46584 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 DoS via Buffer Overflow in cgiapp.cgi extRadSrv2 CVE-2024-46583 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 DoS via Buffer Overflow in v2x00.cgi CVE-2024-46582 7.5 - High - September 18, 2024

Draytek Vigor3910 v4.3.2.6 Buffer Overflow in sProfName, DoS CVE-2024-46581 7.5 - High - September 18, 2024

Buffer Overflow in Draytek Vigor 3910 v4.3.2.6 v2x00.cgi Causes DoS CVE-2024-46580 7.5 - High - September 18, 2024

Draytek Vigor 3910 4.3.2.6 DoS via Buffer Overflow in fwuser.cgi (sPPPSrvNm) CVE-2024-46571 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 buffer overflow in vpn.cgi (DoS) CVE-2024-46568 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 Buffer Overflow iProfileIdx DoS CVE-2024-46567 7.5 - High - September 18, 2024

DoS Buffer Overflow in Draytek Vigor 3910 v4.3.2.6 service.cgi CVE-2024-46565 7.5 - High - September 18, 2024

Directory Traversal in Process_Post of Draytek Vigor3910 4.3.2.5 CVE-2024-23721 - March 20, 2024

Stay on top of Security Vulnerabilities

Draytek Vendor

Draytek Vigor3910 FirmwareProduct

DrayTek Vigor3910 4.3.2.6 Devices: Stored XSS via Router Name (Auth)
CVE-2024-41583 - October 03, 2024

Vigor3910 Auth XSS via sFormAuthStr (pre-4.3.2.6)
CVE-2024-41584 - October 03, 2024

OS Command Injection in DrayTek Vigor3910 recvCmd v4.3.2.6
CVE-2024-41585 - October 03, 2024

DrayTek Vigor310 before 4.3.2.6 Buffer Overflow via /cgi-bin/ipfedr.cgi
CVE-2024-41586 - October 03, 2024

DrayTek Vigor310 HTTP Auth Unencrypted Vulnerability (4.3.2.6)
CVE-2024-41589 - October 03, 2024

Stack Overflow in DrayTek Vigor3910 GetCGI (<=4.3.2.6)
CVE-2024-41592 - October 03, 2024

Remote Setting Modification via .cgi BOC in DrayTek Vigor310 <4.3.2.6
CVE-2024-41595 - October 03, 2024

DrayTek Vigor310 Stored XSS via Login Page Greeting pre-4.3.2.6
CVE-2024-41587 5.4 - Medium - October 03, 2024

Draytek Vigor 3910 Buffer Overflow in fextobj.cgi (v4.3.2.6) DoS
CVE-2024-46564 7.5 - High - September 18, 2024

DrayTek Vigor 3910 v4.3.2.6 Buffer Overflow in sPubKey Dialin CGI (DoS)
CVE-2024-46597 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 Queryret Buffer Overflow in v2x00.cgi (DoS)
CVE-2024-46561 7.5 - High - September 18, 2024

Draytek Vigor 3910 4.3.2.6 Buffer Overflow in v2x00.cgi (DoS)
CVE-2024-46560 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 buffer overflow in inet15.cgi sBPA_UsrNme causes DoS
CVE-2024-46559 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 DoS from buffer overflow in v2x00.cgi
CVE-2024-46558 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 DoS via buffer overflow in v2x00.cgi sProfileName
CVE-2024-46557 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 Denial of Service via v2x00.cgi buffer overflow
CVE-2024-46556 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 Buffer Overflow in v2x00.cgi pb Param (DoS)
CVE-2024-46555 7.5 - High - September 18, 2024

DoS via Buffer Overflow in v2x00.cgi on Draytek Vigor 3910 4.3.2.6
CVE-2024-46554 7.5 - High - September 18, 2024

Draytek Vigor 3910 Buffer Overflow in v2x00.cgi (Pre-4.3.2.6)
CVE-2024-46553 7.5 - High - September 18, 2024

Vigor 3910 v4.3.2.6 Buffer Overflow in ipstrt.cgi -> DoS
CVE-2024-46552 7.5 - High - September 18, 2024

Vigor 3910 v4.3.2.6 sBPA_Pwd Buffer Overflow DoS
CVE-2024-46551 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 CGI Buffer Overflow in chglog.cgi (DoS)
CVE-2024-46550 7.5 - High - September 18, 2024

DoS via Buffer Overflow in sslapp.cgi on Draytek Vigor 3910 v4.3.2.6
CVE-2024-46566 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 Buffer Overflow at dialin.cgi iprofileidx Allowing DoS
CVE-2024-46598 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 DoS via buffer overflow in v2x00.cgi sAct
CVE-2024-46596 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 buffer overflow in lan2lan.cgi causing DoS
CVE-2024-46595 7.5 - High - September 18, 2024

Buffer overflow in Draytek Vigor 3910 (v4.3.2.6) saveVPNProfile - DoS
CVE-2024-46594 7.5 - High - September 18, 2024

Buf Overflow in cgiswm.cgi of Draytek Vigor 3910 v4.3.2.6 Enables DoS
CVE-2024-46593 7.5 - High - September 18, 2024

DoS via buffer overflow in Draytek Vigor 3910 v4.3.2.6 v2x00.cgi
CVE-2024-46592 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 DoS via sDnsPro Buffer Overflow
CVE-2024-46591 7.5 - High - September 18, 2024

DoS via Buffer Overflow in Draytek Vigor 3910 v4.3.2.6 ssidencrypt%d v2x00.cgi
CVE-2024-46590 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6: Buffer Overrun in inetipv6.cgi Causing DoS
CVE-2024-46589 7.5 - High - September 18, 2024

Vigor 3910 v4.3.2.6 Buffer Overflow (DoS) via sProfileName in wizfw.cgi
CVE-2024-46588 7.5 - High - September 18, 2024

Draytek Vigor 3910 4.3.2.6 buffer overflow in sCloudPass (v2x00.cgi) DoS
CVE-2024-46586 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 buffer overflow in usergrp.cgi leads to DoS
CVE-2024-46585 7.5 - High - September 18, 2024

DoS via buffer overflow in acontrol.cgi (AControlIp1) on Draytek Vigor 3910 v4.3.2.6
CVE-2024-46584 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 DoS via Buffer Overflow in cgiapp.cgi extRadSrv2
CVE-2024-46583 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 DoS via Buffer Overflow in v2x00.cgi
CVE-2024-46582 7.5 - High - September 18, 2024

Draytek Vigor3910 v4.3.2.6 Buffer Overflow in sProfName, DoS
CVE-2024-46581 7.5 - High - September 18, 2024

Buffer Overflow in Draytek Vigor 3910 v4.3.2.6 v2x00.cgi Causes DoS
CVE-2024-46580 7.5 - High - September 18, 2024

Draytek Vigor 3910 4.3.2.6 DoS via Buffer Overflow in fwuser.cgi (sPPPSrvNm)
CVE-2024-46571 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 buffer overflow in vpn.cgi (DoS)
CVE-2024-46568 7.5 - High - September 18, 2024

Draytek Vigor 3910 v4.3.2.6 Buffer Overflow iProfileIdx DoS
CVE-2024-46567 7.5 - High - September 18, 2024

DoS Buffer Overflow in Draytek Vigor 3910 v4.3.2.6 service.cgi
CVE-2024-46565 7.5 - High - September 18, 2024

Directory Traversal in Process_Post of Draytek Vigor3910 4.3.2.5
CVE-2024-23721 - March 20, 2024

Draytek
Vendor

Draytek Vigor3910 Firmware
Product