Product
draytek vigor2763 firmware
11 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-51139
CVE-2024-51138
CVE-2024-41596
CVE-2024-41594
CVE-2024-41593
CVE-2024-41592
CVE-2024-41591
CVE-2024-41590
CVE-2024-41588
CVE-2024-41587
CVE-2023-23313
< 4.4.5.5
Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.
< 4.4.5.5
Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and
< 4.4.5.3
Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor management UI) because of improper
< 4.4.5.3
An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server o
< 4.4.5.3
DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), beca
< 4.4.5.3
DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI misha
< 4.4.5.3
DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.
< 4.4.5.3
Several CGI endpoints are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters
< 4.4.5.3
The CGI endpoints v2x00.cgi and cgiwcg.cgi of DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to buffer overflows, by aut
< 4.4.5.3
Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices
< 4.4.2.2
Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the r