Lucene search
TenableCVELIST:CVE-2021-20124HistoryOct 13, 2021 - 3:48 p.m.
CVE-2021-20124
2021-10-1315:48:03
tenable
www.cve.org
2
cve-2021-20124
draytek vigorconnect
file download
webservlet endpoint
unauthenticated attacker
root privileges
EPSS
0.492
Percentile
97.6%
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.
CNA Affected
[
{
"product": "Draytek VigorConnect",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.6.0-B3"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2021-20124
2021-10-13 15:48:03
nvd
nvd
CVE-2021-20124
2021-10-13 16:15:07
cnvd
cnvd
Draytek VigorConnect Local File Inclusion Vulnerability
2021-10-14 00:00:00
checkpoint_advisories
checkpoint_advisories
Draytek VigorConnect Directory Traversal (CVE-2021-20124)
2021-11-07 00:00:00
cisa_kev
cisa_kev
Draytek VigorConnect Path Traversal Vulnerability
2024-09-03 00:00:00
attackerkb
attackerkb
CVE-2021-20124
2021-10-13 00:00:00
nuclei
nuclei
Draytek VigorConnect 6.0-B3 - Local File Inclusion
2022-05-13 09:07:02
cve
cve
CVE-2021-20124
2021-10-13 16:15:07
prion
prion
Remote file inclusion
2021-10-13 16:15:00
thn
thn