Drivers Draytek

12/14/2021by admin
  • Access to Official Website Draytek Home English Home Spanish Home French Home German Drivers Spanish Drivers German Welcome to the HelpDrivers, driver for printers. Original files: In HelpDrivers, all drivers, manuals, BIOS, etc. Are those originally provided by the official manufacturers.
  • Access to Official Website Draytek Home English Home Spanish Home French Home German Drivers Spanish Drivers German Welcome to the HelpDrivers, driver for printers. Original files: In HelpDrivers, all drivers, manuals, BIOS, etc. Are those originally provided by the official manufacturers.

MS-ISAC ADVISORY NUMBER:

DrayTek Drivers. 67 drivers total Last updated: Dec 19th 2016, 03:53 GMT RSS Feed. Latest downloads from DrayTek in Firmware. Sort by: last update. DrayTek Vigor2104P Switch Firmware 2.5.7.3 28 downloads. Firmware DrayTek. Dec 19th 2016, 03:53.

2020-043

DATE(S) ISSUED:

04/01/2020

OVERVIEW:

Multiple vulnerabilities have been discovered in DrayTek devices which could allow for arbitrary code execution. DrayTek is a manufacturer of broadband CPE, including firewalls, VPN devices, routers and wireless LAN devices. Successful exploitation of these vulnerabilities could result in an attacker executing arbitrary code on the affected system. This could allow an attacker to eavesdrop on network traffic, operate SSH and Web based backdoors, and create system accounts.

THREAT INTELLIGENCE:

There are reports indicating these vulnerabilities have been exploited in the wild.

April 3 – UPDATED THREAT INTELLIGENCE:
According to Palo Alto Networks Unit42, there has been an increase in scanning for DrayTek products vulnerable to CVE-2020-8515. This vulnerability is currently being used by DDoS botnets for propagation.

SYSTEMS AFFECTED:

  • Vigor300B firmware versions prior to 1.5.1
  • Vigor2960 firmware versions prior to 1.5.1
  • Vigor3900 firmware versions prior to 1.5.1

Draytek Router Tool

Drivers Draytek

RISK:

Government:
  • Large and medium government entities: N/A
  • Small government entities: MEDIUM
Businesses:
  • Large and medium business entities: MEDIUM
  • Small business entities: MEDIUM
Draytek vigor 2925
Home Users:
N/A

TECHNICAL SUMMARY:

Draytek Firmware Upgrade

Multiple vulnerabilities have been discovered in DrayTek devices which could allow for arbitrary code execution. An attacker that successfully interacts with the below listed vulnerable endpoints on a vulnerable system could execute arbitrary code. These vulnerabilities have been assigned CVE-2020-8515.

  • Insufficient input control on the keypath field could allow for arbitrary command injection via the formLogin() function used by /www/cgi-bin/mainfunction.cgi.
  • Insufficient input control on the rtick field could allow for arbitrary command injection via the formCaptcha() function used by /www/cgi-bin/mainfunction.cgi.

Successful exploitation of these vulnerabilities could result in an attacker executing arbitrary code on the affected system. This could allow an attacker to eavesdrop on network traffic, operate SSH and Web based backdoors, and create system accounts.

RECOMMENDATIONS:

We recommend the following actions be taken:

  • Apply appropriate patches or mitigations provided by DrayTek to vulnerable systems immediately after appropriate testing.
  • Limit remote access to required users, and preferably only internally.
  • Apply the Principle of Least Privilege to all systems and services.

REFERENCES:

DrayTek:
https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-router-web-management-page-vulnerability-(cve-2020-8515)/
360 Netlab:
https://blog.netlab.360.com/two-zero-days-are-targeting-draytek-broadband-cpe-devices-en/
CVE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8515
Palo Alto Networks Unit42:
https://unit42.paloaltonetworks.com/new-hoaxcalls-ddos-botnet/

Information Hub : Advisories

Newsletter10 Feb 2021
Media mention10 Feb 2021
Blog post10 Feb 2021
Press-release10 Feb 2021
Copyright © 2021
Comments are closed.