DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

700,000 DrayTek Routers at Risk from Critical Vulnerabilities!

  • Andy
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
03 Oct 2024 11:05 #103968 by Andy
Yes support confirmed this.

The table might be wrong, ideally we need an official notice from Draytek on this.

Please Log in or Create an account to join the conversation.

More
03 Oct 2024 11:14 - 03 Oct 2024 11:15 #103969 by pharcyder
Ofcourse I could be wrong here but my perception is that Draytek and/or their Support organisation have known about these vulnerabilities for a while if it was fixed in 4.4.5.2 (released in Aug 2024). Have they just sat on them without alerting the customer base?

Details of the bugs
https://www.forescout.com/resources/draybreak-draytek-research/
Last edit: 03 Oct 2024 11:15 by pharcyder.
The following user(s) said Thank You: Geroi

Please Log in or Create an account to join the conversation.

More
08 Oct 2024 19:09 #103985 by the_pit
Basically sloppy coding which sadly isn't unique. Companies have to pay to get good coders and many don't want to fork out such outlay or pay appropriate amounts to good coders so that they stay.

As for alerts I don't know if they send them out to registered owners or not.

Please Log in or Create an account to join the conversation.

  • Andy
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
21 Oct 2024 12:22 #104042 by Andy
Just a heads up that some more critical firmware releases have dropped on the UK site which mention Web GUI Security

Please Log in or Create an account to join the conversation.

More
21 Oct 2024 12:51 - 21 Oct 2024 12:51 #104043 by pharcyder
I also received formal notification from Draytek about all these CVEs. 3-4 months!!
Last edit: 21 Oct 2024 12:51 by pharcyder.

Please Log in or Create an account to join the conversation.

More
21 Oct 2024 13:22 #104044 by Geroi
The handling of this security issue by Draytek UK is truly shocking!

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami