{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T17:10:58.270","vulnerabilities":[{"cve":{"id":"CVE-2024-48074","sourceIdentifier":"cve@mitre.org","published":"2024-10-28T12:15:15.200","lastModified":"2025-05-17T02:14:47.187","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function."},{"lang":"es","value":"Existe una vulnerabilidad RCE autorizada en el enrutador DrayTek Vigor2960 versión 1.4.4, donde un atacante puede colocar un comando malicioso en el parámetro de tabla de la función doPPPoE en la ruta cgi-bin/mainfunction.cgi y, finalmente, el comando es ejecutado por la función del sistema."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:draytek:vigor2960_firmware:1.4.4:*:*:*:*:*:*:*","matchCriteriaId":"44456785-AB07-490E-B33A-20CD6256EFB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*","matchCriteriaId":"8FDA3905-67DD-4F31-AFCF-014F1D7CCC1F"}]}]}],"references":[{"url":"https://gist.github.com/Giles-one/6425e97dcd1ec97a722a1e20da25fad7","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Giles-one/Vigor2960Crack","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]}]}}]}