Vulnerabilities > Draytek > Vigor2865 Firmware > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-03 | CVE-2024-41593 | Out-of-bounds Write vulnerability in Draytek products DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow. | 9.8 |
2022-08-29 | CVE-2022-32548 | Classic Buffer Overflow vulnerability in Draytek products An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. | 9.8 |