CVE-2026-3040

low-risk

Published 2026-02-23

A vulnerability was identified in DrayTek Vigor 300B up to 1.5.1.6. This affects the function cgiGetFile of the file /cgi-bin/mainfunction.cgi/uploadlangs of the component Web Management Interface. The manipulation of the argument File leads to os command injection. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor confirms that "300B is EoL, and this is an authenticated vulnerability. We don't plan to fix it." This vulnerability only affects products that are no longer supported by the maintainer.

Do I need to act?

0.43% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.7/10 Medium

NETWORK / LOW complexity

Affected Products (1)

Vigor300B Firmware

Affected Vendors

Draytek

References (4)

Exploit https://github.com/master-abc/cve/issues/42

Permissions Required https://vuldb.com/?ctiid.347394

Third Party Advisory https://vuldb.com/?id.347394

Third Party Advisory https://vuldb.com/?submit.757126

/ 100

low-risk

Severity 19/34 · Moderate

Exploitability 2/34 · Minimal

Exposure 5/34 · Minimal