{"api_version":"1","generated_at":"2026-07-08T04:51:12+00:00","cve":"CVE-2024-41340","urls":{"html":"https://cve.report/CVE-2024-41340","api":"https://cve.report/api/cve/CVE-2024-41340.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-41340","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-41340"},"summary":{"title":"CVE-2024-41340","description":"An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload crafted APP Enforcement modules, leading to arbitrary code execution.","state":"PUBLISHED","assigner":"mitre","published_at":"2025-02-27 21:15:36","updated_at":"2026-07-05 01:20:16"},"problem_types":["CWE-434","n/a","CWE-434 CWE-434 Unrestricted Upload of File with Dangerous Type"],"metrics":[{"version":"3.1","source":"ADP","type":"DECLARED","score":"8.4","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"8.4","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}}],"references":[{"url":"https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946","name":"https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946","refsource":"cve@mitre.org","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-41340","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41340","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor165","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor165_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor166","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor166_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2133","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2133_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2135","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2135_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2620","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2620_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2762","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2762_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2765","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2765_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2766","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2766_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2832","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2832_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2860","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2860_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2862","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2862_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2865","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2865_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2866","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2866_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2925","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2925_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2926","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2926_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2927","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2927_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor2962","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2962_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor2962_firmware","cpe6":"4.4.3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor3910","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor3910_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor3910_firmware","cpe6":"4.4.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigor3912","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigor3912_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"draytek","cpe5":"vigorlte200","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"41340","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"draytek","cpe5":"vigorlte200_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2024","cve_id":"41340","cve":"CVE-2024-41340","epss":"0.002120000","percentile":"0.115300000","score_date":"2026-07-07","updated_at":"2026-07-08 00:14:16"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},{"other":{"content":{"id":"CVE-2024-41340","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2025-02-28T16:58:48.633348Z","version":"2.0.3"},"type":"ssvc"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-434","description":"CWE-434 Unrestricted Upload of File with Dangerous Type","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2025-02-28T21:44:05.694Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload crafted APP Enforcement modules, leading to arbitrary code execution."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2026-07-05T00:56:30.073Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"url":"https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"}]}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2024-41340","datePublished":"2025-02-27T00:00:00.000Z","dateReserved":"2024-07-18T00:00:00.000Z","dateUpdated":"2026-07-05T00:56:30.073Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2025-02-27 21:15:36","lastModifiedDate":"2026-07-05 01:20:16","problem_types":["CWE-434","n/a","CWE-434 CWE-434 Unrestricted Upload of File with Dangerous Type"],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-28T16:58:48.633348Z","id":"CVE-2024-41340","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.2.7","matchCriteriaId":"59521C99-00BA-4503-823E-3FEA44F8DDA0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*","matchCriteriaId":"8E644893-0457-43A9-98AB-9DB37A5C415C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.2.7","matchCriteriaId":"08B9436B-B2FE-4644-BB06-B0537EC23A71"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*","matchCriteriaId":"7E33E647-5883-44FA-9915-34B89090D4E4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2620_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.9.8.9","matchCriteriaId":"4C7DD492-4294-484D-A4D2-BCCCA152D57F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2620:-:*:*:*:*:*:*:*","matchCriteriaId":"5D98663B-F2F5-4ADC-9FD5-75846890EEBA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigorlte200_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.9.8.9","matchCriteriaId":"E7845410-6E90-4E92-8029-964A7F77EC57"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigorlte200:-:*:*:*:*:*:*:*","matchCriteriaId":"4DBF2015-9315-44C8-A9FE-E86146F1958E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.9.8","matchCriteriaId":"02588C38-E98C-4553-93C0-535A0C129783"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*","matchCriteriaId":"266C73DE-BFC6-4F3E-B022-559B3971CA44"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2925_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.9.8","matchCriteriaId":"43C713BB-02A0-4CD4-A27F-943D5D538444"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2925:-:*:*:*:*:*:*:*","matchCriteriaId":"7536B29C-2030-4331-B8BF-D269D86D199B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.9.9.5","matchCriteriaId":"765C62A0-BE3E-4661-8FD6-E9566B7C3C28"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*","matchCriteriaId":"8B01EDAE-BB9E-4431-BE8C-6505BA7CA42D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.9.9.5","matchCriteriaId":"36FE9F0A-223F-42DC-BCB6-4A7A24A65130"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*","matchCriteriaId":"AF1B117B-603D-493C-A804-C18ED332A221"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.9.9","matchCriteriaId":"E0813DB7-4B52-40E1-9D5C-DBF9FA74EFD0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*","matchCriteriaId":"1878E59C-FB40-435D-940A-8952C56FA88B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.9.9","matchCriteriaId":"3B69D1EC-7C33-4367-80BA-4008E8C9A4BE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*","matchCriteriaId":"3873B2B9-95C1-4F00-9165-7C4D2A90CDE5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.9.9","matchCriteriaId":"D46E5FF5-6521-4A10-8CC5-34518A38ECFA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*","matchCriteriaId":"B0978465-D59F-4C0A-A29F-5D7BE58BA557"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.5.1","matchCriteriaId":"6FD4B17C-2E8A-45C9-8475-C5FD40C86052"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*","matchCriteriaId":"AEDC8A7F-08CF-44D2-A9A5-A1353AF35B45"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.5.1","matchCriteriaId":"815465FB-9BDB-4A16-9E8A-A73B928A7999"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*","matchCriteriaId":"60657812-D3A8-4B1B-B7BE-F629991CB053"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.5.1","matchCriteriaId":"73E966A8-E862-4118-B178-93C297765B0B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*","matchCriteriaId":"C0AB3C84-67CA-4531-85FB-1A56F3C93ABF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.5.3","matchCriteriaId":"31F174D4-CDE6-401D-9040-34B862BDE1F9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*","matchCriteriaId":"871448C6-9183-4828-A287-05F5EC6A44F6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.5.3","matchCriteriaId":"D9B2CD77-C72F-4C26-B082-EA2671A59116"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*","matchCriteriaId":"0D0D2760-739F-4C79-AEDC-8B2CCCA2FF53"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2927_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.5.3","matchCriteriaId":"570A3205-4E89-47E5-9FAE-2D4FFBD5A667"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2927:-:*:*:*:*:*:*:*","matchCriteriaId":"12460F51-25AB-4EA9-BC43-9CE8DA992D75"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.3.2.8","matchCriteriaId":"0549C870-BE10-441A-B07D-0701915E5A9E"},{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2962_firmware:4.4.3.0:*:*:*:*:*:*:*","matchCriteriaId":"69EE76E5-A910-46D0-AF34-28D28B77E024"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*","matchCriteriaId":"BD0C9A21-7CFE-452F-8505-834AB8579D9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.3.2.8","matchCriteriaId":"B937F11C-FC86-4D6E-A46B-BA2CA0FFCEF7"},{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor3910_firmware:4.4.3:*:*:*:*:*:*:*","matchCriteriaId":"E857D42C-1967-46FE-94F6-45B3008ED4DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*","matchCriteriaId":"894E4DDA-D9BE-441D-B447-B1CE52959347"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor3912_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.3.6.1","matchCriteriaId":"84670562-F228-40A0-A38D-144EA62556D3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor3912:-:*:*:*:*:*:*:*","matchCriteriaId":"282E5318-DAA8-4AA2-8E7D-4B8BD9162153"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2024","CveId":"41340","Ordinal":"1","Title":"CVE-2024-41340","CVE":"CVE-2024-41340","Year":"2024"},"notes":[{"CveYear":"2024","CveId":"41340","Ordinal":"1","NoteData":"An issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload crafted APP Enforcement modules, leading to arbitrary code execution.","Type":"Description","Title":"CVE-2024-41340"}]}}}