Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-43118

EPSS 32.08% · P97
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-43118

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A Remote Command Injection vulnerability exists in DrayTek Vigor 2960 1.5.1.3, DrayTek Vigor 3900 1.5.1.3, and DrayTek Vigor 300B 1.5.1.3 via a crafted HTTP message containing malformed QUERY STRING in mainfunction.cgi, which could let a remote malicious user execute arbitrary code.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款 DrayTek Vigor 产品命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Draytek DrayTek Vigor3900等都是中国台湾居易科技(Draytek)公司的产品。DrayTek Vigor3900是一款宽带路由器/VPN网关设备。DrayTek Vigor2960等都是中国DrayTek公司的产品。DrayTek Vigor2960是一款双 WAN 宽带路由器/VPN 网关。DrayTek Vigor300B是一款运行在 Linux 系统上的 Quad-WAN 负载均衡宽带路由器。 DrayTek Vigor 2960 1.5.1.3版本、DrayTek Vigo
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2021-43118

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-43118

登录查看更多情报信息。

Same Patch Batch · n/a · 2022-03-29 · 37 CVEs total

CVE-2022-269516.5 MEDIUMRSA Archer 跨站脚本漏洞
CVE-2022-269476.3 MEDIUMRSA Archer跨站脚本漏洞
CVE-2022-269485.8 MEDIUMRSA Archer安全漏洞
CVE-2022-269505.4 MEDIUMRSA Archer 输入验证错误漏洞
CVE-2022-269495.3 MEDIUMRSA Archer 安全漏洞
CVE-2022-239375.3 MEDIUMWind River VxWorks 缓冲区错误漏洞
CVE-2015-3298Yubico ykneo-openpgp 数据伪造问题漏洞
CVE-2021-42970cxuucms跨站脚本漏洞
CVE-2022-22948VMware vCenter Server 安全漏洞
CVE-2022-1122OpenJPEG 安全漏洞
CVE-2021-43109PuneethReddyHc Online Shopping System Advanced SQL注入漏洞
CVE-2021-43110PuneethReddyHc Online Shopping System Advanced 访问控制错误漏洞
CVE-2021-42911Draytek多款产品格式化字符串错误漏洞
CVE-2021-44082Textpattern CMS 跨站脚本漏洞
CVE-2022-26244Sourcecodester Hospital Patient Records Management System 跨站脚本漏洞
CVE-2021-44081Open5Gs 缓冲区错误漏洞
CVE-2022-27815SWHKD 后置链接漏洞
CVE-2022-27432Pluck 跨站请求伪造漏洞
CVE-2021-41594RSA Archer 安全漏洞
CVE-2021-44581Kreado Kreasfero SQL注入漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2021-43118

No comments yet

Leave a comment