"DrayTek Fixed Critical Flaws in Over 700,000 Exposed Routers"

DrayTek has recently released security updates for multiple router models to address 14 vulnerabilities of varying severity, including a remote code execution flaw that received the maximum CVSS score of 10. DrayTek noted that the flaws impact actively supported and models that have reached end-of-life. Due to the severity, DrayTek has provided fixes for routers in both categories. According to Vedere Labs, 785,000 DrayTek routers might be vulnerable to the newly discovered set of flaws, with 704,500 having their web interface exposed to the internet. Five fixed flaws carry significant risks. They include FSCT-2024-0006 (CVSS score: 10.0), FSCT-2024-0007 (CVSS score: 9.1), FSCT-2024-0014 (CVSS score: 7.6), FSCT-2024-0001 (CVSS score: 7.5), and FSCT-2024-0002 (CVSS score: 7.5). There currently have been no reports of active exploitation of these flaws. Users should implement the security updates as soon as possible. If you want to read more about the vulnerabilities, please click the link below.

BleepingComputer reports: "DrayTek Fixed Critical Flaws in Over 700,000 Exposed Routers"

Submitted by Adam Ekwall on Wed, 10/02/2024 - 10:42