DrayTek VigorACS SI versions 1.3.0 and below suffer from local file inclusion, remote file upload, file write, and default login vulnerabilities.
7226dc0010971b3a84ebc020d354b8d1bc0b10c4f66fb47f69132a9302bf5acd
VIGOR 2130 suffers from command injection and cross site request forgery vulnerabilities.
158da6869360c34440401b7d762e6ad0e7bc58128556d9bb4750ab4cd08a562e