CVE-2020-8515 - Multiple DrayTek Vigor Routers Web Management Page Vulnerability

CVE ID:CVE-2020-8515

Project:DrayTek

Product:Multiple Vigor Routers

Date Added:2021-11-03Due Date:2022-05-03

Vulnerability Name

Multiple DrayTek Vigor Routers Web Management Page Vulnerability

Description

DrayTek Vigor3900, Vigor2960, and Vigor300B routers contain an unspecified vulnerability that allows for remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2020-8515

Related News Articles

CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek DevicesMarch 27, 2025

Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS BotnetJanuary 22, 2025

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT CampaignDecember 17, 2024

Latest Security News

Top CVE List

Common Alerts

MediumWeb Cache Deception
HighCross-Domain Misconfiguration - Silverlight
InformationalGET for POST
InformationalUser Agent Fuzzer
HighRemote OS Command Injection
InformationalInformation Disclosure - Suspicious Comments in XML via WebSocket
HighPII Disclosure
MediumSource Code Disclosure - SVN
MediumInsecure JSF ViewState
LowHTTPS Content Available via HTTP

Top CWE List