WEB DrayTek Vigor Routers Stack-based Buffer Overflow (CVE-2022-32548)

Rule ID

1238577

Severity

Critical

Description

An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.

Impact

Denial of service

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2022-32548

T1210

T0866

T1499.004

T0814

T1068

Keywords

N/A

Date Created

2026/06/23

Last Updated

2026/06/24