Known Vulnerabilities for Vigorconnect by Draytek
Listed below are 7 of the newest known vulnerabilities associated with "Vigorconnect" by "Draytek".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-20129 | An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to expo... | 7.5 - HIGH | 2021-10-13 | 2021-10-19 |
| CVE-2021-20128 | The Profile Name field in the floor plan (Network Menu) page in Draytek VigorConnect 1.6.0-B3 was found to be vulnerable to s... | 5.4 - MEDIUM | 2021-10-13 | 2021-10-19 |
| CVE-2021-20127 | An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek Vigo... | 8.1 - HIGH | 2021-10-13 | 2021-10-19 |
| CVE-2021-20126 | Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-fo... | 8.8 - HIGH | 2021-10-13 | 2021-10-19 |
| CVE-2021-20125 | An arbitrary file upload and directory traversal vulnerability exists in the file upload functionality of DownloadFileServlet... | 9.8 - CRITICAL | 2021-10-13 | 2021-10-19 |
| CVE-2021-20124 | A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebSer... | 7.5 - HIGH | 2021-10-13 | 2022-07-12 |
| CVE-2021-20123 | A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the Downlo... | 7.5 - HIGH | 2021-10-13 | 2022-07-12 |