CVE-2022-32548

critical-risk
Published 2022-08-29

An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.

Do I need to act?

!
65.6% chance of exploitation in next 30 days
EPSS score — higher than 34% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
10
CVSS 10.0/10 Critical
NETWORK / LOW complexity

Affected Products (20)

Vigor1000B Firmware
Vigor2962 Firmware
Vigor2927 Firmware
Vigor2915 Firmware
Vigor2952 Firmware
Vigor3220 Firmware
Vigor2926 Firmware

Affected Vendors

Draytek

References (4)

Exploit https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek...
Exploit https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-...
Exploit https://www.securityweek.com/smbs-exposed-attacks-critical-vulnerability-draytek...
Exploit https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/rce-in-dratyek-...
80
/ 100
critical-risk
Severity 33/34 · Critical
Exploitability 19/34 · Moderate
Exposure 28/34 · Critical