High-end router flinger DrayTek admits to zero day in bunch of Vigor kit

'It may be possible for an attacker to intercept your router'

By Kat Hall

Taiwanese network kit maker DrayTek has 'fessed up to a vulnerability in a large number of its routers which could allow miscreants to hijack internet traffic or steal personal data.

The flaw means attackers could remotely alter DNS settings on 28 Vigor model routers. DrayTek has released a series of firmware updates addressing the issue.

Users have complained about the problem for the last week on the AbuseIPDB forum. One noted the zero-day attack had infiltrated their servers, CRM and workstations.

"We now cannot log in as it is obvious this zero-day attack has changed our passwords including our VPN accounts [that] our remote users use to log in to the environment."

DrayTek routers are considered high end in the UK – retailing at around £200, more than twice the price of garden-variety alternatives – and are mostly used by businesses. In 2015, BT's Openreach accredited DrayTek for use of its very-high-bit-rate digital subscriber line 2 (VDSL2) fibre-to-the-cabinet products.

One business customer, who discovered his router was open to the vulnerability, told El Reg: "DrayTek routers are really expensive compared with other makes, they have an awful lot of features on them and this is the first known exploit I've come across."

In a statement, the company said:

We have become aware of security reports with DrayTek routers related to the security of web administration when managing DrayTek routers.

In some circumstances, it may be possible for an attacker to intercept or create an administration session and change settings on your router.

The reports appear to show that DNS settings are being altered. Specific improvements have been identified as necessary to combat this and we are in the process of producing and issuing new firmware. You should install that as soon as possible.

Until you have the new firmware installed, you should check your router's DNS settings on your router and correct them if changed (or restore from a config backup).

A survey by Broadband Genie recently found the vast majority of punters are potentially leaving themselves exposed by failing to change the password and security setting on their routers. ®
