cbcvebase.
CVE-2024-41596
published 2024-10-03

CVE-2024-41596: Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor management UI) because of improper retrieval and handling of…

PriorityP341high8CVSS 3.1
AVAACLPRLUINSUCHIHAH
EPSS
0.33%
24.8th percentile
Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor management UI) because of improper retrieval and handling of the CGI form parameters.

Affected

16 ranges
VendorProductVersion rangeFixed in
draytekvigor1000b_firmware< 4.3.2.84.3.2.8
draytekvigor1000b_firmware>= 4.4.0.0 < 4.4.3.14.4.3.1
draytekvigor165_firmware< 4.2.74.2.7
draytekvigor166_firmware< 4.2.74.2.7
draytekvigor2135_firmware< 4.4.5.34.4.5.3
draytekvigor2763_firmware< 4.4.5.34.4.5.3
draytekvigor2765_firmware< 4.4.5.34.4.5.3
draytekvigor2766_firmware< 4.4.5.34.4.5.3
draytekvigor2865_firmware< 4.4.5.24.4.5.2
draytekvigor2866_firmware< 4.4.5.24.4.5.2
draytekvigor2915_firmware< 4.4.5.34.4.5.3
draytekvigor2962_firmware< 4.3.2.84.3.2.8
draytekvigor2962_firmware>= 4.4.0.0 < 4.4.3.14.4.3.1
draytekvigor3910_firmware< 4.3.2.84.3.2.8
draytekvigor3910_firmware>= 4.4.0.0 < 4.4.3.14.4.3.1
draytekvigor3912_firmware< 4.3.6.14.3.6.1
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.