CVE-2023-1163
published 2023-03-03CVE-2023-1163: ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5 and classified as critical. Affected by this vulnerability…
PriorityP342medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
1.77%
75.3th percentile
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5 and classified as critical. Affected by this vulnerability is the function getSyslogFile of the file mainfunction.cgi of the component Web Management Interface. The manipulation of the argument option leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222259. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| draytek | vigor_2960 | — | — |
| draytek | vigor_2960 | — | — |
| draytek | vigor_2960_firmware | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-f5vh-pgc9-ww94: A vulnerability has been found in DrayTek Vigor 2960 1
ghsa_unreviewed·2023-03-03
CVE-2023-1163 [MEDIUM] CWE-22 GHSA-f5vh-pgc9-ww94: A vulnerability has been found in DrayTek Vigor 2960 1
A vulnerability has been found in DrayTek Vigor 2960 1.5.1.4 and classified as problematic. Affected by this vulnerability is the function sub_1DA58 of the file mainfunction.cgi. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222259.
Red Hat
kernel: Linux kernel: Denial of Service in the cdns3 USB driver due to improper spin lock handling
vendor_redhat·2025-09-16·CVSS 5.5
CVE-2023-53287 [MEDIUM] CWE-663 kernel: Linux kernel: Denial of Service in the cdns3 USB driver due to improper spin lock handling
kernel: Linux kernel: Denial of Service in the cdns3 USB driver due to improper spin lock handling
In the Linux kernel, the following vulnerability has been resolved:
usb: cdns3: Put the cdns set active part outside the spin lock
The device may be scheduled during the resume process,
so this cannot appear in atomic operations. Since
pm_runtime_set_active will resume suppliers, put set
active outside the spin lock, which is only used to
protect the struct cdns data structure, otherwise the
kernel will report the following warning:
BUG: sleeping function called from invalid context at drivers/base/power/runtime.c:1163
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 651, name: sh
preempt_count: 1, expected: 0
RCU nest depth: 0, expected: 0
CPU: 0 PID: 651 Comm: sh Tainted: G WC 6.1.20
Suricata
ET WEB_SPECIFIC_APPS Draytek mainfunction.cgi getSyslogFile option Arbitrary File Read Attempt (CVE-2023-1163)
suricata·2024-12-18·CVSS 6.5
CVE-2023-1163 [MEDIUM] ET WEB_SPECIFIC_APPS Draytek mainfunction.cgi getSyslogFile option Arbitrary File Read Attempt (CVE-2023-1163)
ET WEB_SPECIFIC_APPS Draytek mainfunction.cgi getSyslogFile option Arbitrary File Read Attempt (CVE-2023-1163)
Rule: alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Draytek mainfunction.cgi getSyslogFile option Arbitrary File Read Attempt (CVE-2023-1163)"; flow:established,to_server; http.method; content:"POST"; http.uri; bsize:25; content:"/cgi-bin/mainfunction.cgi"; fast_pattern; http.request_body; content:"action|3d|getSyslogFile"; content:"option|3d|"; pcre:"/^[^\x26]*?(?:(?:\x2e|%2[Ee]){1,2}(?:\x2f|\x5c|%5[Cc]|%2[Ff]){1,}){1,}/R"; content:"rtick|3d|"; reference:cve,2023-1163; reference:url,github.com/xxy1126/Vuln/blob/main/Draytek/3.md; classtype:attempted-admin; sid:2058403; rev:1; metadata:affected_product DrayTek, attack_target Networking_Equipment, tls_state plaint
No public exploits indexed.
2023-03-03
Published