Vulnerability Details : CVE-2020-14993
A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi.
Vulnerability category: OverflowMemory CorruptionExecute code
Products affected by CVE-2020-14993
- cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-14993
10.50%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-14993
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2020-14993
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-14993
-
https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability-(cve-2020-14473)
Vigor3900 / Vigor2960 / Vigor300B Stack-based buffer overflow Vulnerability (CVE-2020-14473 / CVE-2020-14993) | DrayTekPatch;Vendor Advisory
-
https://github.com/dexterone/Vigor-poc
GitHub - dexterone/Vigor-pocExploit;Third Party Advisory
-
https://www.draytek.com/about/security-advisory
Security Advisory | DrayTekVendor Advisory
Jump to