THREAT OPS › CVEs › CVE-2024-12987
CVE-2024-12987 — DrayTek Vigor Routers OS Command Injection Vulnerability
DrayTek Vigor2960, Vigor300B, and Vigor3900 routers contain an OS command injection vulnerability due to an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component web management interface.
Vulnerability details
- Affected productsVigor Routers
- KEV remediation due2025-06-05