CVE-2021-20124
CVE-2021-20124
Vexday Risk Score
78High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 7.5EPSS 69.2%KEV simPoC —Nuclei simMetasploit —Patch —
Lifecycle
13 Oct 2021Published on NVD
03 Sep 2024Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short
A security flaw in Draytek VigorConnect allows attackers to download any file from the system without logging in, potentially exposing sensitive data like passwords and configuration files.
Technical detail
A path traversal vulnerability (CWE-22) in the WebServlet file download endpoint permits unauthenticated arbitrary file retrieval with root-level privileges. Attack requires only HTTP request manipulation; no authentication or special conditions needed. Impact includes unauthorized access to sensitive system files.
Summary generated and translated by AI from the official description.
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
n/a · Draytek VigorConnectWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →