Lucene search
PRIOn knowledge basePRION:CVE-2020-15415HistoryJun 30, 2020 - 2:15 p.m.
Design/Logic Flaw
2020-06-3014:15:00
PRIOn knowledge base
www.prio-n.com
7
On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used, a different issue than CVE-2020-14472.
| CPE | Name | Operator | Version |
|---|---|---|---|
| vigor2960_firmware | lt | 1.5.1 | |
| vigor300b_firmware | lt | 1.5.1 | |
| vigor3900_firmware | lt | 1.5.1 |
Related
attackerkb
attackerkb
CVE-2020-15415
2020-06-30 00:00:00
nvd
nvd
CVE-2020-15415
2020-06-30 14:15:11
CVE-2020-14472
2020-06-24 17:15:11
cve
cve
CVE-2020-15415
2020-06-30 14:15:11
CVE-2020-14472
2020-06-24 17:15:11
cvelist
cvelist
CVE-2020-15415
2020-06-30 13:37:56
CVE-2020-14472
2020-06-24 16:51:23
checkpoint_advisories
checkpoint_advisories
DrayTek Vigor Remote Code Execution (CVE-2020-14472)
2020-07-08 00:00:00
DrayTek Command Injection (CVE-2020-15415)
2020-07-12 00:00:00
prion
prion
Command injection
2020-06-24 17:15:00