Vulnerabilities > Draytek > Vigor3900 Firmware > 1.5.1.6

DATE CVE VULNERABILITY TITLE RISK
2024-09-06 CVE-2024-44844 OS Command Injection vulnerability in Draytek Vigor3900 Firmware 1.5.1.6
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the name parameter in the run_command function.
network
low complexity
draytek CWE-78
8.8
8.8
2024-09-06 CVE-2024-44845 OS Command Injection vulnerability in Draytek Vigor3900 Firmware 1.5.1.6
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the value parameter in the filter_string function.
network
low complexity
draytek CWE-78
8.8
8.8