CVE-2022-50994 - Vulnerability Analysis
Severity: High | CVSS: 8.1 | Last Updated: May 8, 2026
DrayTek Vigor 2960 - Command Injection
Published: May 8, 2026 | Updated: May 8, 2026 | Remotely exploitable
Overview
DrayTek Vigor 2960 firmware before 1.5.1.4 contains an OS command injection (CWE-78) in the web interface's CGI login handler: the value of the formpassword parameter reaches an OS command without sanitization. A remote attacker who has not authenticated to the device can use it to execute arbitrary commands with the privileges of the web server process. Exploitation does have preconditions, which is why the CVSS vector rates attack complexity High while requiring no privileges: the attacker must know a valid username on the device, and the device must have MOTP (mobile one-time password) authentication enabled, since that is the login path in which the unsanitized formpassword value is processed.
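The DrayTek code itself is not on this page, so the following C is an added illustration of the CWE-78 pattern the overview describes, not the vendor's code: a login handler that splices a form value into a shell command line, beside the two changes that remove the flaw (an allowlist on the value, and running the helper through execv() with an argv array so no shell ever parses the value). The helper path /usr/bin/auth_helper, its --otp flag, the assumed token format, and the quote-breakout payload in main() are all hypothetical, chosen only to make the mechanism visible.

```c
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Hypothetical helper that the login handler hands the one-time password to.
 * The real Vigor 2960 code path is not public on this page; everything below
 * is an illustrative reconstruction of the CWE-78 pattern, not DrayTek code. */
#define AUTH_HELPER "/usr/bin/auth_helper"
#define MAX_PW_LEN 64

/* VULNERABLE PATTERN (built, never executed here): the raw form value is
 * spliced into a shell command line. Returns 0 and writes the string that
 * would reach system()/popen(), or -1 if it does not fit. A value such as
 *   x'; id; echo '
 * closes the single quote and appends attacker-chosen commands. */
int build_login_cmd_vulnerable(const char *formpassword, char *out, size_t outlen)
{
    int n = snprintf(out, outlen, AUTH_HELPER " --otp '%s'", formpassword);
    return (n >= 0 && (size_t)n < outlen) ? 0 : -1;
}

/* Returns 1 if the value contains a byte that a POSIX shell treats as syntax
 * (quotes, separators, redirections, substitutions, whitespace). */
int contains_shell_metachar(const char *s)
{
    static const char meta[] = "'\"`$;&|<>()\\ \t\n\r";
    for (; *s != '\0'; s++)
        if (strchr(meta, *s) != NULL)
            return 1;
    return 0;
}

/* HARDENED, step 1: allowlist. Assumed token format for the hypothetical
 * helper is 1..MAX_PW_LEN ASCII letters or digits; anything else is rejected
 * before it can reach any process. */
int otp_input_ok(const char *formpassword)
{
    size_t len = strlen(formpassword);
    if (len == 0 || len > MAX_PW_LEN)
        return 0;
    for (size_t i = 0; i < len; i++)
        if (!isalnum((unsigned char)formpassword[i]))
            return 0;
    return 1;
}

/* HARDENED, step 2: no shell at all. The value travels as its own argv element
 * through execv(), so even a value that slipped past validation is a literal
 * argument and is never parsed as command syntax. Returns the helper's exit
 * status, or -1 if the input is rejected or the child cannot be started. */
int run_helper_no_shell(const char *helper, const char *formpassword)
{
    if (!otp_input_ok(formpassword))
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        char *argv[] = { (char *)helper, "--otp", (char *)formpassword, NULL };
        execv(helper, argv);
        _exit(127); /* exec failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed sample input: a quote-breakout payload in formpassword. */
    const char *payload = "x'; id; echo '";
    char cmd[256];

    if (build_login_cmd_vulnerable(payload, cmd, sizeof cmd) == 0)
        printf("shell would receive: %s\n", cmd);
    printf("metacharacters present: %d\n", contains_shell_metachar(payload));
    printf("allowlist accepts payload: %d\n", otp_input_ok(payload));
    printf("allowlist accepts 123456: %d\n", otp_input_ok("123456"));
    /* /bin/true stands in for the helper so the hardened path can be exercised. */
    printf("hardened run with payload: %d\n", run_helper_no_shell("/bin/true", payload));
    return 0;
}
```

Build and run with `cc -std=c99 -Wall example.c && ./a.out`. The point to take from the vulnerable function is that the shell receives `/usr/bin/auth_helper --otp 'x'; id; echo ''`, in which the form value has become three commands; the hardened path never produces a command string at all, and the allowlist is defence in depth rather than the primary fix.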
Severity & Score
Severity: High
CVSS Score: 8.1
Impact
A remote attacker can execute arbitrary commands on the device with the privileges of the web server process, which is enough to take over the device: the CVSS vector rates confidentiality, integrity and availability impact all High.
Mitigation
Update to firmware 1.5.1.4 or later. Note that DrayTek announced end of life for the Vigor 2960 in 2021 (see the references below), so further firmware fixes should not be expected; where a device must remain in service, restrict access to its web management interface to trusted networks only.
References
- https://www.draytek.co.uk/support/downloads/vigor-2960/older-firmware/firmware-1514?task=download.send&id=2597:readme-v2960-1514&catid=1251
- https://www.draytek.com/about/newsroom/2021/2021/end-of-life-notification-vigor2960
- https://www.vulncheck.com/advisories/draytek-vigor-2960-os-command-injection-via-mainfunction-cgi
Details
- CVE ID: CVE-2022-50994
- Severity: High
- CVSS Score: 8.1
- Type: command_injection
- Status: rejected (the record status shown here is "rejected"; check the current CVE record before citing this identifier)
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSS Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network; Attack Complexity: High; Privileges Required: None; User Interaction: None; Scope: Unchanged; Confidentiality, Integrity and Availability impact: High. The High attack complexity reflects the preconditions noted in the overview (a known valid username and MOTP authentication enabled); without it, this vector would score 9.8.