Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-8515 PoC — Draytek Vigor2960和Vigor300B 操作系统命令注入漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-8515.yaml
Associated Vulnerability
Title:Draytek Vigor2960和Vigor300B 操作系统命令注入漏洞 (CVE-2020-8515)
Description:Draytek Vigor2960和Vigor300B都是中国台湾居易科技(Draytek)公司的产品。Vigor2960是一款负载平衡路由器和VPN网关设备。Vigor300B是一款负载均衡路由器。 DrayTek Vigor2960、Vigor3900和Vigor300B中存在操作系统命令注入漏洞。攻击者可通过向cgi-bin/mainfunction.cgi URI发送shell元字符利用该漏洞不经过身份验证以root权限执行代码。以下产品及版本受到影响:DrayTek Vigor2960 1.3.
Description
DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI.
File Snapshot

 id: CVE-2020-8515

info:
  name: DrayTek - Remote Code Execution
  author: pikpikcu
  severity: crit

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.