CVE-2024-46316 | Draytek Vigor3900 1.5.1.6 HTTP Message mainfunction.cgi sub_2C920 command injection

CVE-2024-46316 | Draytek Vigor3900 1.5.1.6 HTTP Message mainfunction.cgi sub_2C920 command injection

A vulnerability has been found in Draytek Vigor3900 1.5.1.6 and classified as critical. Affected by this vulnerability is the function sub_2C920 of the file /cgi-bin/mainfunction.cgi of the component HTTP Message Handler. The manipulation leads to command injection. This vulnerability is known as CVE-2024-46316. The attack needs to be approached within the local network. There is no exploit available.