CVE-2020-8515 Scanner
Detects 'Remote Code Execution (RCE)' vulnerability in DrayTek Vigor2960, Vigor3900, Vigor300B affects v. Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta.
Short Info
Level
Critical
Type
Single Scan
Can be used by
Asset Owner
Estimated Time
30 sec
Scan only one
Url
Parent Category
CVE-2020-8515 Scanner Detail
The DrayTek Vigor2960, Vigor3900, and Vigor300B devices are multi-WAN routers suitable for small and medium businesses that require reliable and secure VPN connectivity. These routers feature high-performance hardware, advanced security protocols, and a user-friendly web interface that allows network administrators to configure complex network setups with just a few clicks. The DrayTek routers are used by companies for critical applications such as remote working, video conferencing, and cloud computing.
The CVE-2020-8515 vulnerability detected in DrayTek routers allows remote code execution as a root user without the need for authentication. This vulnerability can be exploited through shell metacharacters to the cgi-bin/mainfunction.cgi URI. Hackers can send a malicious payload to the router, which the device automatically processes and executes. This vulnerability may lead to severe damage to the victim's network, including data loss, data theft, and network shutdown.
When exploited, CVE-2020-8515 vulnerability can enable attackers to gain root privileges, bypass security checks, and execute arbitrary code on the affected DrayTek routers. This means attackers can take complete control of both the router and the network that the router serves, leading to all network traffic being intercepted and exposed. Breaching the security of the network can result in a loss of sensitive information, ultimately exposing the company to financial and reputational damage.
Thanks to the pro features of the securityforeveryone.com platform, businesses can easily and quickly learn about vulnerabilities in their digital assets. By subscribing to the platform, network administrators can receive real-time alerts about vulnerability threats and take immediate action to mitigate the risks associated with such vulnerabilities. With an emphasis on proactive security measures, the securityforeveryone.com platform helps businesses protect their networks, markets, and reputation, ensuring their continued success in the digital world.
REFERENCES
- https://sku11army.blogspot.com/2020/01/draytek-unauthenticated-rce-in-draytek.html
- https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-router-web-management-page-vulnerability-%28cve-2020-8515%29/
- http://packetstormsecurity.com/files/156979/DrayTek-Vigor2960-Vigor3900-Vigor300B-Remote-Command-Execution.html
control security posture