Security News

700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking
2024-10-02 21:33

With 14 serious security flaws found, what a gift for spies and crooks Fourteen bugs in DrayTek routers — including one critical remote-code-execution flaw that received a perfect 10 out of 10...

Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities
2024-10-02 13:00

A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices....

DrayTek fixed critical flaws in over 700,000 exposed routers
2024-10-02 13:00

DrayTek has released security updates for multiple router models to address 14 vulnerabilities of varying severity, including a remote code execution flaw that received the maximum CVSS score of 10. [...]

New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks
2023-12-15 14:17

A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the...

Alert: Crims hijack these DrayTek routers to attack biz
2023-03-08 00:01

If you're still running post-support DrayTek Vigor routers it may be time to junk them, or come up with some other workaround, as a cunning malware variant is setting up shop in the kit. The operators behind the Hiatus malware campaign are hijacking DrayTek Vigor router models 2960 and 3900 powered by MIPS, i386 and Arm-based processors to in turn attack businesses in North and Latin America as well as in Europe, according to researchers with Lumen's Black Lotus Labs threat intelligence unit.

DrayTek VPN routers hacked with new malware to steal data, evade detection
2023-03-06 15:03

An ongoing hacking campaign called 'Hiatus' targets DrayTek Vigor router models 2960 and 3900 to steal data from victims and build a covert proxy network. DrayTek Vigor devices are business-class VPN routers used by small to medium-size organizations for remote connectivity to corporate networks.

Critical RCE Bug Could Let Hackers Remotely Take Over DrayTek Vigor Routers
2022-08-05 05:41

As many as 29 different router models from DrayTek have been identified as affected by a new critical, unauthenticated, remote code execution vulnerability that, if successfully exploited, could lead to full compromise of the device and unauthorized access to the broader network. Over 200,000 devices from the Taiwanese manufacturer are said to have the vulnerable service currently exposed on the internet and would require no user interaction to be exploited.

Critical RCE vulnerability impacts 29 models of DrayTek routers
2022-08-04 23:18

Researchers at Trellix have discovered a critical unauthenticated remote code execution vulnerability impacting 29 models of the DrayTek Vigor series of business routers. The vulnerability is tracked as CVE-2022-32548 and carries a maximum CVSS v3 severity score of 10.0, categorizing it as critical.

Vulnerabilities in DrayTek Enterprise Routers Exploited in Attacks
2020-03-30 11:44

Threat actors have been exploiting a couple of vulnerabilities affecting some DrayTek enterprise routers in attacks that started before patches were released by the vendor. In early December 2019, researchers at the Network Security Research Lab of Chinese cybersecurity firm Qihoo 360 noticed that some DrayTek Vigor routers had been targeted in attacks exploiting a vulnerability which at the time had a zero-day status.

Hackers Exploit Zero-Day Bugs in Draytek Devices to Target Enterprise Networks
2020-03-29 11:22

Cybersecurity researchers with Qihoo 360's NetLab today unveiled details of two recently spotted zero-day cyberattack campaigns in the wild targeting enterprise-grade networking devices manufactured by Taiwan-based DrayTek. According to the report, at least two separate groups of hackers exploited two critical remote command injection vulnerabilities affecting DrayTek Vigor enterprise switches, load-balancers, routers and VPN gateway devices to eavesdrop on network traffic and install backdoors.