CVE-2023-1009 Information

Description

A vulnerability classified as problematic has been found in DrayTek Vigor 2960 1.5.1.4. Affected is the function sub_1DF14 of the file /cgi-bin/mainfunction.cgi. The manipulation of the argument option with the input /../etc/password leads to path traversal. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. VDB-221742 is the identifier assigned to this vulnerability.

Reference

https://github.com/xxy1126/Vuln/blob/main/Draytek/1.md https://vuldb.com/?ctiid.221742 https://vuldb.com/?id.221742