CVE-2024-12987 | Armis Vulnerability Intelligence Database

Description Preview

CVE-2024-12987 is a critical vulnerability affecting DrayTek Vigor2960 and Vigor300B devices running firmware version 1.5.1.4. The vulnerability is classified as an OS command injection flaw, which allows an attacker to execute arbitrary commands on the underlying operating system by manipulating the `session` argument in the specified CGI file. This exploitation can be performed remotely, making it particularly dangerous. The vulnerability has been publicly disclosed, and an upgrade to version 1.5.1.5 is recommended to mitigate the issue.

Overview

CVE ID: CVE-2024-12987
Affected Products:
- DrayTek Vigor2960 (version 1.5.1.4)
- DrayTek Vigor300B (version 1.5.1.4)
Vulnerability Type: OS Command Injection (CWE-78, CWE-77)
Severity:
- CVSS v3.1: 7.3 (High)
- CVSS v4.0: 6.9 (Medium)
Attack Vector: Remote
Date Published: December 27, 2024
Status: Publicly disclosed and actively exploitable

Remediation

To address the vulnerability, it is recommended that users upgrade their DrayTek Vigor2960 and Vigor300B devices to firmware version 1.5.1.5 or later. This update is expected to resolve the OS command injection issue. Users should ensure that their devices are regularly updated to maintain security against known vulnerabilities.

References

Early Warning

Customers using Armis Early Warning were notified about this vulnerability before it appeared in CISA's Known Exploited Vulnerabilities Catalog, enabling them to assess their exposure and act proactively. Armis offers these examples of CVEs already included in CISA KEV for potential customers. Click here to learn how to receive alerts earlier.

Armis Alert Date: Dec 27, 2024
CISA KEV Date: May 15, 2025

139days early

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

Accommodation & Food Services: Low
Accommodation & Food Services
Administrative, Support, Waste Management & Remediation Services: Low
Administrative, Support, Waste Management & Remediation Services
Agriculture, Forestry Fishing & Hunting: Low
Agriculture, Forestry Fishing & Hunting
Arts, Entertainment & Recreation: Low
Arts, Entertainment & Recreation
Construction: Low
Construction
Educational Services: Low
Educational Services
Finance and Insurance: Low
Finance and Insurance
Health Care & Social Assistance: Low
Health Care & Social Assistance
Information: Low
Information
Management of Companies & Enterprises: Low
Management of Companies & Enterprises
Manufacturing: Low
Manufacturing
Mining: Low
Mining
Other Services (except Public Administration): Low
Other Services (except Public Administration)
Professional, Scientific, & Technical Services: Low
Professional, Scientific, & Technical Services
Public Administration: Low
Public Administration
Real Estate Rental & Leasing: Low
Real Estate Rental & Leasing
Retail Trade: Low
Retail Trade
Transportation & Warehousing: Low
Transportation & Warehousing
Utilities: Low
Utilities
Wholesale Trade: Low
Wholesale Trade

Description Preview

Overview

Remediation

References

Early Warning

Focus on What Matters

Let's talk!