Detects 'Local File Inclusion' vulnerability in Draytek VigorConnect affects v. 1.6.0-B3.
Can be used by
Scan only one
CVE-2021-20123 Scanner Detail
Draytek VigorConnect is a software solution designed to help small-to-medium-sized businesses manage and monitor their networking infrastructure. It provides a unified platform for monitoring and configuring multiple Draytek networking devices such as routers, switches, and access points. The software enables administrators to easily configure and monitor their network infrastructure from a single interface. Draytek VigorConnect is known for its reliability, security, and ease of use, making it a popular choice for businesses seeking an all-in-one network management solution.
The CVE-2021-20123 vulnerability is a local file inclusion vulnerability found in the Draytek VigorConnect 1.6.0-B3 software in the DownloadFileServlet endpoint. When exploited, an attacker can gain unauthorized access to files and directories on the underlying operating system and potentially download arbitrary files with root privileges. This vulnerability can be exploited remotely without authentication by sending a crafted HTTP request to the affected endpoint.
When exploited, the CVE-2021-20123 vulnerability can lead to the compromise of sensitive data, including system files and user credentials. Attackers can gain access to the underlying operating system and cause damage by deleting files, altering configurations, or executing malicious code. This vulnerability poses a severe threat to businesses that rely on the Draytek VigorConnect software, as it can expose them to data breaches and system malfunctions.
In conclusion, the security and integrity of digital assets are crucial for businesses of all sizes. By using advanced security tools such as securityforeveryone.com, businesses can easily and quickly learn about vulnerabilities in their infrastructure and take measures to protect against them. With securityforeveryone.com's pro features, businesses can get comprehensive vulnerability scanning, threat intelligence, and real-time security alerts to help them stay ahead of threats. Ensure that your digital assets are secure by subscribing to securityforeveryone.com today.