CVE-2023-6265

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 22, 2023
Updated: Mar 21, 2024
CWE ID 22

Summary

CVE-2023-6265 is a vulnerability that affects Draytek Vigor2960 routers running versions 1.5.1.4 and 1.5.1.5. It allows an authenticated attacker with access to the web management interface to perform directory traversal, specifically through the mainfunction.cgi dumpSyslog 'option' parameter, which can result in the deletion of arbitrary files. It is important to note that Vigor2960 is no longer supported, leaving organizations at risk if they are still using this version of the router.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-6265 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options