A series of DrayTek router models have security holes
Cybersecurity researchers at Forescout Technologies have discovered 14 security vulnerabilities in router models manufactured by DrayTek, which could allow attackers to take control of the router and use the device to infiltrate corporate networks.
Forescout discovered that more than 704,000 DrayTek routers have web user interfaces exposed on the Internet. The majority of affected cases are located in the United States, Vietnam, the Netherlands, and Australia.
List of security vulnerabilities on DrayTek routers
Of the 14 new security flaws, two are rated critical, nine are critical, and three are moderate.
| Vulnerability | Description |
| --- | --- |
| CVE-2024-41592 | A buffer overflow in the "GetCGI()" function of the web UI, which could lead to denial of service (DoS) or remote code execution (RCE) when processing query string parameters. |
| CVE-2024-41585 (CVSS score: 9.1) | An operating system (OS) command injection in the "recvCmd" binary, which is used for communication between the host and client operating systems. |
| CVE-2024-41589 (CVSS score: 7.5) | The same administrator credentials are used across the entire system, so their compromise leaves the entire system compromised. |
| CVE-2024-41591 (CVSS score: 7.5) | Reflected cross-site scripting (XSS) vulnerability in the web UI. |
| CVE-2024-41587 (CVSS score: 4.9) | Stored XSS vulnerability in the web UI when configuring custom messages shown after login. |
| CVE-2024-41583 (CVSS score: 4.9) | Stored XSS vulnerability in the web UI when configuring custom router names to display to users. |
| CVE-2024-41584 (CVSS score: 4.9) | Reflected XSS vulnerability in the web UI login page. |
| CVE-2024-41588 (CVSS score: 7.2) | Buffer overflow vulnerability in the web UI CGI pages /cgi-bin/v2x00.cgi and /cgi-bin/cgiwcg.cgi, leading to DoS or RCE. |
| CVE-2024-41590 (CVSS score: 7.2) | Buffer overflow vulnerability in CGI pages of the web UI, leading to DoS or RCE. |
| CVE-2024-41586 (CVSS score: 7.2) | Stack overflow vulnerability in the /cgi-bin/ipfedr.cgi page of the web UI, leading to DoS or RCE. |
| CVE-2024-41596 (CVSS score: 7.2) | Multiple buffer overflow vulnerabilities in the web UI, leading to DoS or RCE. |
| CVE-2024-41593 (CVSS score: 7.2) | Heap-based buffer overflow vulnerability in the ft_payloads_dns() function of the web UI, leading to DoS. |
| CVE-2024-41595 (CVSS score: 7.2) | Out-of-bounds write vulnerability in the web user interface, leading to DoS or RCE. |
| CVE-2024-41594 (CVSS score: 7.6) | An information disclosure vulnerability in the web server backend for the web user interface, which could allow an attacker to perform an adversary-in-the-middle attack. |
How to fix security holes on DrayTek routers
After receiving the report, DrayTek released patches for multiple router models to address the 14 vulnerabilities.
In addition to applying the latest software update, users of DrayTek routers are recommended to take the following actions:
- Disable remote access if not needed.
- Use access control lists.
- Use two-factor authentication when active.
- Check settings for arbitrary changes or added admin users.
- Disable SSL VPN connections over port 443.
- Enable syslog logging to monitor for suspicious events.
- Enable automatic upgrades to HTTPS pages on your web browser.