Vulnerabilities > Draytek > Vigor2762Vac Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-03-03 CVE-2023-23313 Cross-site Scripting vulnerability in Draytek products
Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal.
network
low complexity
draytek CWE-79
6.1
2022-08-29 CVE-2022-32548 Classic Buffer Overflow vulnerability in Draytek products
An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1.
network
low complexity
draytek CWE-120
critical
9.8