Security News > 2020 > March > Vulnerabilities in DrayTek Enterprise Routers Exploited in Attacks
Threat actors have been exploiting a couple of vulnerabilities affecting some DrayTek enterprise routers in attacks that started before patches were released by the vendor.
In early December 2019, researchers at the Network Security Research Lab of Chinese cybersecurity firm Qihoo 360 noticed that some DrayTek Vigor routers had been targeted in attacks exploiting a vulnerability which at the time had a zero-day status.
Researchers then noticed on January 28 that a second zero-day flaw affecting DrayTek Vigor routers had been exploited in attacks by a different threat group.
Qihoo 360 unsuccessfully attempted to notify DrayTek of the attacks exploiting the first vulnerability in early December.
This is not the first time malicious actors have targeted DrayTek routers using zero-day vulnerabilities.
News URL
Related news
- VPN vulnerabilities, weak credentials fuel ransomware attacks (source)
- Japan warns of IO-Data zero-day router flaws exploited in attacks (source)
- OpenWrt orders router firmware updates after supply chain attack scare (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- New botnet exploits vulnerabilities in NVRs, TP-Link routers (source)
- FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)