Last active
February 18, 2024 00:42
-
-
Save rrrrrrri/8e9cac08eb4d9c01ab258bd5b0f8f7d8 to your computer and use it in GitHub Desktop.
CVE-2024-23721
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CVE ID] | |
CVE-2024-23721 | |
[PRODUCT] | |
Draytek Vigor 3910 router | |
[VERSION] | |
Vigor3910 <= v4.3.2.5 | |
... | |
[TYPE] | |
Sensitive information disclosure | |
[DESCRIPTION] | |
There is a security vulnerability in Draytek 3910 router that could allow an unauthenticated attacker to access sensitive information on the target device. | |
The "process_post" function did not properly process the parameters submitted by the user, allowing the attacker to bypass session validation and export the configuration file. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment