CVE-2024-45890 | DrayTek Vigor 3900 1.5.1.3 cgi-bin/mainfunction.cgi download_ovpn action command injection

CVE-2024-45890 | DrayTek Vigor 3900 1.5.1.3 cgi-bin/mainfunction.cgi download_ovpn action command injection

A vulnerability classified as critical has been found in DrayTek Vigor 3900 1.5.1.3. This affects the function download_ovpn of the file cgi-bin/mainfunction.cgi. The manipulation of the argument action leads to command injection. This vulnerability is uniquely identified as CVE-2024-45890. It is possible to initiate the attack remotely. There is no exploit available.