- Description
- A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component Web Management Interface. The manipulation of the argument session leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.1.5 is able to address this issue. It is recommended to upgrade the affected component.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 6.9
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Data from CISA
- Vulnerability name
- DrayTek Vigor Routers OS Command Injection Vulnerability
- Exploit added on
- May 15, 2025
- Exploit action due
- Jun 5, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- cna@vuldb.com
- CWE-77
- Hype score
- Not currently trending
🚨 Threat Alert: CVE-2024-12987 DrayTek Vigor Routers – Critical OS Command Injection Vulnerability 🚨 This critical vulnerability affects DrayTek Vigor2960, Vigor300B, and Vigor3900 routers running firmware v1.5.1.4. It allows unauthenticated attackers to inject and execu
@ArmisSecurity
13 Jun 2025
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-12987 #DrayTek Vigor Routers OS Command Injection Vulnerability https://t.co/qsZ9wXYNmX
@ScyScan
19 May 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Command Injection in apmcfgupload endpoint for DrayTek Gateway Devices (CVE-2024-12987) #CommandInjectionVulnerability #CVE202412987 #CyberSecurity #DrayTek https://t.co/6NZjh3dtpf https://t.co/NaRkzBBD1k
@SystemTek_UK
19 May 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12987: DrayTek Vigor Routers OS Command Injection Vulnerability – Critical Remote Exploit https://t.co/W6DEbHNXrF https://t.co/COge9oak9Y
@huntingjacq
18 May 2025
47 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12987 affecting DrayTek Routers #DraytekRouters #CVE-2024-12987 https://t.co/RKSvyRdiTa
@pravin_karthik
1 Jan 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12987 (CVSS:7.3, HIGH) is Awaiting Analysis. A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an ..https://t.co/6RgjqimNSq #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
1 Jan 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
66,000 DrayTek Gateways Vulnerable to Remote Command Injection (CVE-2024-12987), PoC Published. #CyberSecurity #informationsecurity https://t.co/PXTErXX0jQ
@SecAdvsAlerts
31 Dec 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️⚠️ CVE-2024-12987 in DrayTek Gateways Vulnerable to Remote Command Injection 🔥PoC: https://t.co/chaPO2U82N 🎯75k+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔗FOFA Link:https://t.co/DSFi7SdFYI FOFA Query:app="DrayTek-Vigor300B" || app="DrayTek-Vigor2960"
@fofabot
31 Dec 2024
1021 Impressions
7 Retweets
20 Likes
10 Bookmarks
0 Replies
0 Quotes
66,000 DrayTek Gateways Vulnerable to Remote Command Injection (CVE-2024-12987), PoC Published https://t.co/iG6ZnpSC6W
@Dinosn
31 Dec 2024
1361 Impressions
0 Retweets
4 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2024-12987: DrayTek Vigor2960/Vigor300B Web Management Interface Apmcfgupload Os Command Injection ⚠️The /cgi-bin/mainfunction.cgi/apmcfgupload endpoint fails to adequately sanitize the session parameter, enabling attackers to inject malicious commands. ZoomEye… https://
@zoomeye_team
31 Dec 2024
927 Impressions
4 Retweets
8 Likes
3 Bookmarks
0 Replies
0 Quotes
66,000 DrayTek Gateways Vulnerable to Remote Command Injection (CVE-2024-12987), PoC Published Discover the latest security flaw affecting popular DrayTek gateway devices. Learn how it enables remote command execution and puts over 66,000 devices at risk https://t.co/0ypuAnTKxl
@the_yellow_fall
31 Dec 2024
200 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12987 A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunc… https://t.co/7Oe0uXYrhU
@CVEnew
28 Dec 2024
199 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12987 Critical OS Command Injection in DrayTek Vigor Remote Exploit A critical vulnerability exists in DrayTek Vigor2960 and Vigor300B version 1.5.1.4. It affects an unknown function in the file /cgi-bin... https://t.co/Gkd28qbySF
@VulmonFeeds
28 Dec 2024
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor300b_firmware:1.5.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0357964-F484-4DB3-BCAD-1E02639357C4"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DA5B988D-ED1A-4CBF-8B34-C5B03A55ED52"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:draytek:vigor2960_firmware:1.5.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "564753CE-A701-4D76-94D8-C452AF0C5E82"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8FDA3905-67DD-4F31-AFCF-014F1D7CCC1F"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]