Draytek routers attacked via ‘router vulnerability’

Draytek routers attacked via ‘router vulnerability’

   Nieuws    2020  |  0

Description:
March 23, reports of unstable or offline connections were received from several customers using a Draytek CPE. Research shows that these routers are currently being actively attacked via a vulnerability published under CVE-2024-51138 and CVE-2024-51139 ( https://www.draytek.com/about/security advisory/buffer-overflow-vulnerabilities-(cve-2024-51138-cve-2024-51139)) .

Impact:
The affected connections use various Draytek models that are vulnerable. A firmware update is now available for some models (see list at the bottom of this message), but not for all models. For routers such as the Vigor 2760, the problem can be mitigated for the time being by disabling the SSL VPN.

•⁠  ⁠Vigor2620 LTE - 3.9.9.1
•⁠  ⁠VigorLTE 200n - 3.9.9.1
•⁠  ⁠Vigor2133 - 3.9.9.2
•⁠  ⁠Vigor2135 - 4.4.5.5
•⁠  ⁠Vigor2762 - 3.9.9.2
•⁠  ⁠Vigor2765 - 4.4.5.5
•⁠  ⁠Vigor2766 - 4.4.5.5
•⁠  ⁠Vigor2832 - 3.9.9.2
•⁠  ⁠Vigor2860 / 2860 LTE - 3.9.8.3
•⁠  ⁠Vigor2862 / 2862 LTE - 3.9.9.8
•⁠  ⁠Vigor2865 / 2865 LTE / 2865L-5G - 4.4.5.8
•⁠  ⁠Vigor2866 / 2866 LTE - 4.4.5.8
•⁠  ⁠Vigor2925 / 2925 LTE - 3.9.8.3
•⁠  ⁠Vigor2926 / 2926 LTE - 3.9.9.8
•⁠  ⁠Vigor2927 / 2927 LTE / 2927L-5G - 4.4.5.8
•⁠  ⁠Vigor2962 - 4.3.2.9 - 4.4.3.2
•⁠  ⁠Vigor3910 - 4.3.2.9 / 4.4.3.2
•⁠  ⁠Vigor3912 - 4.3.6.2 / 4.4.3.2

 

Schrijf je in voor de nieuwsbrief

Links

  • MikroTik scripts
  • Wat is mijn IP
  • Speedtest
  • IP subnet
  • Waar ligt glasvezel?

    • Contact

    WifiNederland
    info@wifinederland.nl
    Tel: 085-7602711
    KvK: 76802671
    Btw: NL003137656B03

    © 2025 WifiNederland.