COOEY // HUBcompliance · community · intelligence

FAIL › dossier

VigorConnect product

2
failure events
0
zero-days
0
RCEs
2
on KEV
0
critical
50
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 2 events

DateEventSevFlagsShameSummary
2024-09-03 CVE-2021-20124 high ⌖KEV 50 Draytek VigorConnect contains a path traversal vulnerability in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.
2024-09-03 CVE-2021-20123 high ⌖KEV 50 Draytek VigorConnect contains a path traversal vulnerability in the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.