DrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field
The web management interface of the vulnerable DrayTek devices is affected by a buffer overflow on the login page at /cgi-bin/wlogin.cgi. An attacker may supply carefully crafted username and/or password as base64 encoded strings inside the fields aa and ab of the login page
full chained Unauthenticated RCE written in python with multi targets (list of ips) capability and threading (for faster checking huge list of ips), the script save the result in separate file (vulns.txt) for feature use. this upload comes with huge list of servers from shodan, you can get >100k bots from this list, you can get it from here: https://satoshidisk(.)com/pay/CGWbjR
may you have any question regarding this tool, you can ask me via my email: arbeyCEO@proton.me
- shodan edu api_key : https://satoshidisk(.)com/pay/CGQ5E2
- shodan full unlimited api_key(with vuln tag) : https://satoshidisk(.)com/pay/CGQ5HM
shodan (src: Shodan)
- Vigor3910 < 4.3.1.1
- Vigor1000B < 4.3.1.1
- Vigor2962 Series < 4.3.1.1
- Vigor2927 Series < 4.4.0
- Vigor2927 LTE Series < 4.4.0
- Vigor2915 Series < 4.3.3.2
- Vigor2952 / 2952P < 3.9.7.2
- Vigor3220 Series < 3.9.7.2
- Vigor2926 Series < 3.9.8.1
- Vigor2926 LTE Series < 3.9.8.1
- Vigor2862 Series < 3.9.8.1
- Vigor2862 LTE Series < 3.9.8.1
- Vigor2620 LTE Series < 3.9.8.1
- VigorLTE 200n < 3.9.8.1
- Vigor2133 Series < 3.9.6.4
- Vigor2762 Series < 3.9.6.4
- Vigor165 < 4.2.4
- Vigor166 < 4.2.4
- Vigor2135 Series < 4.4.2
- Vigor2765 Series < 4.4.2
- Vigor2766 Series < 4.4.2
- Vigor2832 < 3.9.6
- Vigor2865 Series < 4.4.0
- Vigor2865 LTE Series < 4.4.0
- Vigor2866 Series < 4.4.0
- Vigor2866 LTE Series < 4.4.0
