CVE-2021-20127
CVE-2021-20127
An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3. This allows an authenticated user to arbitrarily delete files in any location on the target operating system with root privileges.
Affected products
n/a · Draytek VigorConnectWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →