Draytek Vigor2866ac Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Draytek Vigor2866ac Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-32548 — CVSS 10.0 (critical): An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a…
CVE-2023-23313 — CVSS 6.1 (medium): Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's…