CVE-2024-41585 Information

Description

DrayTek Vigor3910 devices through 4.3.2.6 are affected by an OS command injection vulnerability that allows an attacker to leverage the recvCmd binary to escape from the emulated instance and inject arbitrary commands into the host machine.

Reference

https://www.forescout.com/resources/draytek14-vulnerabilities https://www.forescout.com/resources/draybreak-draytek-research/