Vulnerabilities > Draytek > Vigor2925N Plus

DATE CVE VULNERABILITY TITLE RISK
2019-09-20 CVE-2019-16534 Cross-site Scripting vulnerability in Draytek Vigor2925 Firmware 3.8.4.3
On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen.
network
draytek CWE-79
4.3
4.3
2019-09-20 CVE-2019-16533 Cross-site Scripting vulnerability in Draytek Vigor2925 Firmware 3.8.4.3
On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS.
network
draytek CWE-79
4.3
4.3