Limited Black Friday Offer:
Security for everyone

DrayTek pre-auth RCE Vulnerability CVE-2020-8515 Scanner

Some DrayTek devices have remote code execution vulnerabilities.

SCAN NOW

Short Info

Level

Critical

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

30 sec

Scan only one

Url

Parent Category

DrayTek pre-auth RCE Vulnerability CVE-2020-8515 Scanner Detail

DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.