Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-8515 PoC — Draytek Vigor2960和Vigor300B 操作系统命令注入漏洞

Source
https://github.com/truerandom/nmap_draytek_rce
Associated Vulnerability
Title:Draytek Vigor2960和Vigor300B 操作系统命令注入漏洞 (CVE-2020-8515)
Description:DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.
Description
nmap script to detect CVE-2020-8515 on Draytek Devices
Readme
# nmap_draytek_rce
nmap script to detect CVE-2020-8515 on Draytek Devices
File Snapshot

 [4.0K]  /data/pocs/1bdd03a81472fa986a1d149f7ca325b08bf19250
├── [4.8K]  http-draytek-rce.nse
└── [  74]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →