DrayTek Routers Multiple Vulnerabilities
Release Date:
4 Oct 2024
2224
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in DrayTek Routers. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, cross-site scripting, information disclosure and denial of service condition on the targeted system.
Impact
- Denial of Service
- Remote Code Execution
- Information Disclosure
- Cross-Site Scripting
System / Technologies affected
- Vigor1000B
- Vigor2962
- Vigor3910
- Vigor3912
- Vigor165
- Vigor166
- Vigor2135
- Vigor2763
- Vigor2765
- Vigor2766
- Vigor2865
- Vigor2866
- Vigor2915
- Vigor2620
- VigorLTE200
- Vigor2133
- Vigor2762
- Vigor2832
- Vigor2860
- Vigor2925
- Vigor2862
- Vigor2926
- Vigor2952
- Vigor3220
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- Vigor1000B, Vigor2962, Vigor3910 Update to version 4.3.2.8 and 4.4.3.1 or later
- Vigor3912 Update to version 4.3.6.1 or later
- Vigor165, Vigor166 Update to version 4.2.7 or later
- Vigor2135, Vigor2763, Vigor2765, Vigor2766 Update to version 4.4.5.1 or later
- Vigor2865, Vigor2866, Vigor2915 Update to version 4.4.5.3 or later
- Vigor2620, VigorLTE200 Update to version 3.9.8.9 or later
- Vigor2133, Vigor2762, Vigor2832 Update to version 3.9.9 or later
- Vigor2860, Vigor2925 Update to version 3.9.8 or later
- Vigor2862, Vigor2926 Update to version 3.9.9.5 or later
- Vigor2952, Vigor3220 Update to version 3.9.8.2 or later
Please refer to the link below for detail:
Vulnerability Identifier
- CVE-2024-41583
- CVE-2024-41584
- CVE-2024-41585
- CVE-2024-41586
- CVE-2024-41587
- CVE-2024-41588
- CVE-2024-41589
- CVE-2024-41590
- CVE-2024-41591
- CVE-2024-41592
- CVE-2024-41593
- CVE-2024-41594
- CVE-2024-41595
- CVE-2024-41596
Source
Related Link
Share with