CVE-2022-32548

Summary

CVE	CVE-2022-32548
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-08-29 06:15:00 UTC
Updated	2022-09-01 19:56:00 UTC
Description	An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.

Risk And Classification

Problem Types: CWE-120

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Draytek	Vigor1000b	-	All	All	All
Operating System	Draytek	Vigor1000b Firmware	All	All	All	All
Hardware	Draytek	Vigor165	-	All	All	All
Operating System	Draytek	Vigor165 Firmware	All	All	All	All
Hardware	Draytek	Vigor166	-	All	All	All
Operating System	Draytek	Vigor166 Firmware	All	All	All	All
Hardware	Draytek	Vigor2133	-	All	All	All
Hardware	Draytek	Vigor2133ac	-	All	All	All
Operating System	Draytek	Vigor2133ac Firmware	All	All	All	All
Hardware	Draytek	Vigor2133fvac	-	All	All	All
Operating System	Draytek	Vigor2133fvac Firmware	All	All	All	All
Hardware	Draytek	Vigor2133n	-	All	All	All
Operating System	Draytek	Vigor2133n Firmware	All	All	All	All
Hardware	Draytek	Vigor2133vac	-	All	All	All
Operating System	Draytek	Vigor2133vac Firmware	All	All	All	All
Operating System	Draytek	Vigor2133 Firmware	All	All	All	All
Hardware	Draytek	Vigor2135	-	All	All	All
Hardware	Draytek	Vigor2135ac	-	All	All	All
Operating System	Draytek	Vigor2135ac Firmware	All	All	All	All
Hardware	Draytek	Vigor2135fvac	-	All	All	All
Operating System	Draytek	Vigor2135fvac Firmware	All	All	All	All
Hardware	Draytek	Vigor2135vac	-	All	All	All
Operating System	Draytek	Vigor2135vac Firmware	All	All	All	All
Operating System	Draytek	Vigor2135 Firmware	All	All	All	All
Hardware	Draytek	Vigor2620l	-	All	All	All
Hardware	Draytek	Vigor2620ln	-	All	All	All
Operating System	Draytek	Vigor2620ln Firmware	All	All	All	All
Operating System	Draytek	Vigor2620l Firmware	All	All	All	All
Hardware	Draytek	Vigor2762	-	All	All	All
Hardware	Draytek	Vigor2762ac	-	All	All	All
Operating System	Draytek	Vigor2762ac Firmware	All	All	All	All
Hardware	Draytek	Vigor2762n	-	All	All	All
Operating System	Draytek	Vigor2762n Firmware	All	All	All	All
Hardware	Draytek	Vigor2762vac	-	All	All	All
Operating System	Draytek	Vigor2762vac Firmware	All	All	All	All
Operating System	Draytek	Vigor2762 Firmware	All	All	All	All
Hardware	Draytek	Vigor2765	-	All	All	All
Hardware	Draytek	Vigor2765ac	-	All	All	All
Operating System	Draytek	Vigor2765ac Firmware	All	All	All	All
Hardware	Draytek	Vigor2765vac	-	All	All	All
Operating System	Draytek	Vigor2765vac Firmware	All	All	All	All
Operating System	Draytek	Vigor2765 Firmware	All	All	All	All
Hardware	Draytek	Vigor2766	-	All	All	All
Hardware	Draytek	Vigor2766ac	-	All	All	All
Operating System	Draytek	Vigor2766ac Firmware	All	All	All	All
Hardware	Draytek	Vigor2766vac	-	All	All	All
Operating System	Draytek	Vigor2766vac Firmware	All	All	All	All
Operating System	Draytek	Vigor2766 Firmware	All	All	All	All
Hardware	Draytek	Vigor2832	-	All	All	All
Operating System	Draytek	Vigor2832 Firmware	All	All	All	All
Hardware	Draytek	Vigor2862	-	All	All	All
Hardware	Draytek	Vigor2862ac	-	All	All	All
Operating System	Draytek	Vigor2862ac Firmware	All	All	All	All
Hardware	Draytek	Vigor2862b	-	All	All	All
Hardware	Draytek	Vigor2862bn	-	All	All	All
Operating System	Draytek	Vigor2862bn Firmware	All	All	All	All
Operating System	Draytek	Vigor2862b Firmware	All	All	All	All
Hardware	Draytek	Vigor2862l	-	All	All	All
Hardware	Draytek	Vigor2862lac	-	All	All	All
Operating System	Draytek	Vigor2862lac Firmware	All	All	All	All
Hardware	Draytek	Vigor2862ln	-	All	All	All
Operating System	Draytek	Vigor2862ln Firmware	All	All	All	All
Operating System	Draytek	Vigor2862l Firmware	All	All	All	All
Hardware	Draytek	Vigor2862n	-	All	All	All
Operating System	Draytek	Vigor2862n Firmware	All	All	All	All
Hardware	Draytek	Vigor2862vac	-	All	All	All
Operating System	Draytek	Vigor2862vac Firmware	All	All	All	All
Operating System	Draytek	Vigor2862 Firmware	All	All	All	All
Hardware	Draytek	Vigor2865	-	All	All	All
Hardware	Draytek	Vigor2865ac	-	All	All	All
Operating System	Draytek	Vigor2865ac Firmware	All	All	All	All
Hardware	Draytek	Vigor2865ax	-	All	All	All
Operating System	Draytek	Vigor2865ax Firmware	All	All	All	All
Hardware	Draytek	Vigor2865l	-	All	All	All
Hardware	Draytek	Vigor2865lac	-	All	All	All
Operating System	Draytek	Vigor2865lac Firmware	All	All	All	All
Operating System	Draytek	Vigor2865l Firmware	All	All	All	All
Hardware	Draytek	Vigor2865vac	-	All	All	All
Operating System	Draytek	Vigor2865vac Firmware	All	All	All	All
Operating System	Draytek	Vigor2865 Firmware	All	All	All	All
Hardware	Draytek	Vigor2866	-	All	All	All
Hardware	Draytek	Vigor2866ac	-	All	All	All
Operating System	Draytek	Vigor2866ac Firmware	All	All	All	All
Hardware	Draytek	Vigor2866ax	-	All	All	All
Operating System	Draytek	Vigor2866ax Firmware	All	All	All	All
Hardware	Draytek	Vigor2866l	-	All	All	All
Hardware	Draytek	Vigor2866lac	-	All	All	All
Operating System	Draytek	Vigor2866lac Firmware	All	All	All	All
Operating System	Draytek	Vigor2866l Firmware	All	All	All	All
Hardware	Draytek	Vigor2866vac	-	All	All	All
Operating System	Draytek	Vigor2866vac Firmware	All	All	All	All
Operating System	Draytek	Vigor2866 Firmware	All	All	All	All
Hardware	Draytek	Vigor2915	-	All	All	All
Hardware	Draytek	Vigor2915ac	-	All	All	All
Operating System	Draytek	Vigor2915ac Firmware	All	All	All	All
Operating System	Draytek	Vigor2915 Firmware	All	All	All	All
Hardware	Draytek	Vigor2926	-	All	All	All
Hardware	Draytek	Vigor2926ac	-	All	All	All
Operating System	Draytek	Vigor2926ac Firmware	All	All	All	All
Hardware	Draytek	Vigor2926l	-	All	All	All
Hardware	Draytek	Vigor2926lac	-	All	All	All
Operating System	Draytek	Vigor2926lac Firmware	All	All	All	All
Hardware	Draytek	Vigor2926ln	-	All	All	All
Operating System	Draytek	Vigor2926ln Firmware	All	All	All	All
Operating System	Draytek	Vigor2926l Firmware	All	All	All	All
Hardware	Draytek	Vigor2926n	-	All	All	All
Operating System	Draytek	Vigor2926n Firmware	All	All	All	All
Hardware	Draytek	Vigor2926vac	-	All	All	All
Operating System	Draytek	Vigor2926vac Firmware	All	All	All	All
Operating System	Draytek	Vigor2926 Firmware	All	All	All	All
Hardware	Draytek	Vigor2927	-	All	All	All
Hardware	Draytek	Vigor2927ac	-	All	All	All
Operating System	Draytek	Vigor2927ac Firmware	All	All	All	All
Hardware	Draytek	Vigor2927ax	-	All	All	All
Operating System	Draytek	Vigor2927ax Firmware	All	All	All	All
Hardware	Draytek	Vigor2927l	-	All	All	All
Hardware	Draytek	Vigor2927lac	-	All	All	All
Operating System	Draytek	Vigor2927lac Firmware	All	All	All	All
Operating System	Draytek	Vigor2927l Firmware	All	All	All	All
Hardware	Draytek	Vigor2927vac	-	All	All	All
Operating System	Draytek	Vigor2927vac Firmware	All	All	All	All
Operating System	Draytek	Vigor2927 Firmware	All	All	All	All
Hardware	Draytek	Vigor2952	-	All	All	All
Hardware	Draytek	Vigor2952p	-	All	All	All
Operating System	Draytek	Vigor2952p Firmware	All	All	All	All
Operating System	Draytek	Vigor2952 Firmware	All	All	All	All
Hardware	Draytek	Vigor2962	-	All	All	All
Hardware	Draytek	Vigor2962p	-	All	All	All
Operating System	Draytek	Vigor2962p Firmware	All	All	All	All
Operating System	Draytek	Vigor2962 Firmware	All	All	All	All
Hardware	Draytek	Vigor3220	-	All	All	All
Operating System	Draytek	Vigor3220 Firmware	All	All	All	All
Hardware	Draytek	Vigor3910	-	All	All	All
Operating System	Draytek	Vigor3910 Firmware	All	All	All	All
Hardware	Draytek	Vigorlte 200n	-	All	All	All
Operating System	Draytek	Vigorlte 200n Firmware	All	All	All	All

References

Reference	Source	Link	Tags
SMBs Exposed to Attacks by Critical Vulnerability in DrayTek Vigor Routers \| SecurityWeek.Com	MISC	www.securityweek.com
Unauthenticated Remote Code Execution in a Wide Range of DrayTek Vigor Routers	MISC	www.trellix.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.