Vulnerabilities > Draytek > Vigorconnect > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-13 CVE-2021-20123 Path Traversal vulnerability in Draytek Vigorconnect 1.6.0
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint.
network
low complexity
draytek CWE-22
7.8
7.8
2021-10-13 CVE-2021-20124 Path Traversal vulnerability in Draytek Vigorconnect 1.6.0
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint.
network
low complexity
draytek CWE-22
7.8
7.8
2021-10-13 CVE-2021-20127 Unspecified vulnerability in Draytek Vigorconnect 1.6.0
An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3.
network
low complexity
draytek
8.5
8.5