WebllenaWebllena
  • Home
  • Reviews
    • Key Specs
  • Blog
  • IT Tips
  • IT Info
  • Software-App
  • Communication
    • Car-Tech News
  • Web-marketing
    • About
    • Privacy Policy
Reading: 29 DrayTek router models are affected by a critical RCE vulnerability
Share
Aa
WebllenaWebllena
Aa
  • Home
  • Reviews
  • IT Tips
  • IT Info
  • Software-App
Search
  • Home
  • Reviews
    • Key Specs
  • Blog
  • IT Tips
  • IT Info
  • Software-App
  • Communication
    • Car-Tech News
  • Web-marketing
    • About
    • Privacy Policy
Follow US

Home » IT Info » 29 DrayTek router models are affected by a critical RCE vulnerability

IT Info

29 DrayTek router models are affected by a critical RCE vulnerability

Last updated: 2022/08/18 at 2:19 PM
Admin Published August 18, 2022 August 18, 2022
Share
SHARE

Notably, the entire corporate Virgo line of products is affected.
This vulnerability has the CVE-2022-32548 tracking number and a CVSSv3 threat score of 10, which is the highest possible level. Because of this, CVE-2022-32548 is regarded as being extremely hazardous and necessitates quick corrective and mitigating actions.

Hackers don’t need the victim’s interaction or login credentials to take advantage of CVE-2022-32548. The device’s default configuration permits the assault to be conducted across LAN and the internet.
When the CVE-2022-32548 vulnerability is successfully exploited, hackers can do the following things:
complete command of the gadget.
create the necessary framework for man-in-the-middle attacks.
Modify the DNS settings.
DDoS assaults or bitcoin mining using routers as bots.DrayTek

Wide-ranging impact
Due to the rise of working from home, DrayTek Vigor devices saw a huge increase in popularity during the pandemic. They are affordable VPN access packages for SME networks.
Over 700,000 DrayTek Virgo devices are online, according to a fast Shodan search. These gadgets are primarily found in Australia, the Netherlands, the UK, and Vietnam.
Trellix made the decision to assess the security of one of the best router models made by DrayTek. The outcomes demonstrate that the login page of the web administration interface has a buffer overflow. Photo: DrayTek
The vulnerability might be enabled and the operating system of the device could be taken over by a hacker using a specifically created pair of credentials as a base64 encoded string in the login fields.
The attack surface is reduced because many of the remaining 500,000 can be exploited with one-click attacks but only through LAN.

On the list of vulnerable devices are:

Vigor3910
Vigor1000B
Vigor2962 Series
Vigor2927 Series
Vigor2927 LTE Series
Vigor2915 Series
Vigor2952 / 2952P
Vigor3220 Series
Vigor2926 Series
Vigor2926 LTE Series
Vigor2862 Series
Vigor2862 LTE Series
Vigor2620 LTE Series
VigorLTE 200n
Vigor2133 Series
Vigor2762 Series
Vigor167
Vigor130
VigorNIC 132
Vigor165
Vigor166
Vigor2135 Series
Vigor2765 Series
Vigor2766 Series
Vigor2832
Vigor2865 Series
Vigor2865 LTE Series
Vigor2866 Series
Vigor2866 LTE Series

For the aforementioned devices, DrayTek swiftly published security upgrades. Find the most recent firmware for the above-mentioned devices, download it, then install it to fix the issue.

Share this Article
Facebook Twitter Pinterest Reddit Email Print
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Garmin DriveSmart™ 66
What is the difference between Garmin drive and DriveSmart?
Reviews
Fix Windows Boot Loop
How to Fix Windows Boot Loop Issues?
IT Tips
OpenEMR
4 FREE medical Software for healthcare providers
Software-App

You Might Also Like

Viper Xtreme 5
IT Info

VIPER GAMING Announces New DDR5 Performance Memory Lines

January 23, 2023 January 23, 2023
Apex Legends
IT Info

Which site is the best for downloading free PC games?

January 21, 2023 January 21, 2023
Garmin Instinct 2
IT Info

Garmin Instinct 2 outdoor GPS watch – new features & specs

December 24, 2022 December 24, 2022
HPE ProLiant RL300 Gen11
IT Info

The new HPE ProLiant RL300 Gen11 in partnership with Amperé

November 15, 2022 December 16, 2022
Netflix
IT Info

Growth of Netflix subscribers exceeds predictions

November 10, 2022 December 16, 2022
Nytro 5350
IT Info

Seagate Nytro 5550 and 5350 NVMe SSDs – New Enterprise-Class Nytro SSDs

October 21, 2022 December 6, 2022
new wireless charging system
IT Info

For usage at home, convenient wireless charging

October 13, 2022 October 13, 2022
Kingston FURY Beast DDR4 RGB Special Edition
IT Info

Kingston FURY Beast – New Special Edition RGB DDR4

October 9, 2022 December 21, 2022

Recent Posts

  • What is the difference between Garmin drive and DriveSmart?
  • How to Fix Windows Boot Loop Issues?
  • 4 FREE medical Software for healthcare providers
  • I can’t use wireless to access my network storage?
  • Motherboard BIOSTAR Z790A-SILVER – Digital PWM, SMART BIOS Update…
Fix Windows Boot Loop
How to Fix Windows Boot Loop Issues?
IT Tips
vlc
VLC not casting to Chromecast – Tips
IT Tips
BenQ TK850i
What exactly is a Laser Projector?
IT Tips
Network Storage
I can’t use wireless to access my network storage?
IT Tips

Categories

  • Car-Tech News
  • Communication
  • IT Info
  • IT Tips
  • Key Specs
  • Reviews
  • Software-App
  • Web-marketing
© Copyright 2012 - 2023 Webllena.com

We are using cookies to give you the best experience on our website.

You can find out more about which cookies we are using or switch them off in settings.

Welcome Back!

Sign in to your account

Lost your password?
Webllena
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.